How Bitcoin mining really works - freeCodeCamp.org

Looking for Technical Information about Mining Pools

I'm doing research on how exactly bitcoins are mined, and I'm looking for detailed information about how mining pools work - i.e. what exactly is the pool server telling each participating miner to do.
It's so far my understanding that, when Bitcoins are mined, the following steps take place:
  1. Transactions from the mempool are selected for a new block; this may or may not be all the transactions in said mempool. A coinable transaction - which consists of the miner's wallet's address and other arbitrary data - that will help create new Bitcoin will also be added to the new block.
  2. All of said transactions are hashed together into a Merkle Root. The hashing algorithm is Double SHA-256.
  3. A block header is formed for the new block. Said block header consists of a Version, the Block Hash of the Previous Block in the Blockchain, said Merkle Root from earlier, a timestamp in UTC, the target, and a nonce - which is 32 bits long and can be any value from 0x00000000 to 0xFFFFFFFF (a total of 4,294,967,296 nonce values in total).
  4. The nonce value is set to 0x00000000, and said block header is double hashed to get the Block Hash of the current block; and if said Block Hash starts with a certain number of zeroes (depending on the difficulty), the miner sends the block to the Bitcoin Network, the block successfully added to the blockchain and the miner is awarded with newly created bitcoin.
  5. But if said Block Hash does not start with the required number of zeroes, said block will not be accepted by the network, and the miner Double Hashes the block again, but with a different nonce value; but if none of the 4,294,967,296 nonce values yields a Block Hash with the required number of zeroes, it will be impossible to add the block to the network - and in that case, the miner will either need to change the timestamp and try all 4,294,967,296 nonce values again, or the miner will need to start all over again and compose a new block with a different set of transactions (either a different coinable transaction, a different set of transactions from the mempool, or both).
Now, what I'm trying to figure out is what exactly each miner is doing differently in a mining pool, and if it is different depending on the pool.
One thing I've read is that a mining pool gives each participating miner a different set of transactions from the mempool.
I've also read that, because the most sophisticated miners can try all 4,294,967,296 nonce values in less than a fraction of a second, and since the timestamp can only be updated every second, the coinbase transaction is used as a "second nonce" (although, it is my understanding that, being part of a transaction, if this "extra nonce" is changed, all the transactions need to be double hashed into a new Merkle Root); and I may have read someplace that miners could also be given the same set of transactions from the mempool, but are each told to use a different set of "extra nonce" values for the coinbase transaction.
Is there anything else that pools tell miners to do differently? Is each pool different in the instructions it gives to the participating miners? Did I get anything wrong?
I want to make sure I have a full technical understanding of what mining pools are doing to mine bitcoin.
submitted by sparky77734 to Bitcoin [link] [comments]

Bitcoin Rhodium Mining Guide

Bitcoin Rhodium Mining Guide
Happy Mining!

All available XRC pools can be found on MiningPoolStats

Bitcoin Rhodium Mining Hardware

Baikal Giant+: 1.6 GH/s
Baikal Quad Cube: 1.2 GH/s
Baikal Giant: 900 MH/s
Baikal Quadruple Mini Miner: 600 MH/s
Baikal Miner Cube: 300 MH/s
Baikal Mini Miner: 150 MH/s

Mining Setup

To mine Bitcoin Rhodium you need to set up an XRC wallet and configure your miner of choice. You can choose between Web wallet, Electrum-XRC or Magnum wallet. To set up a web wallet please visit wallet.bitcoinrh.org. Or download and install Electrum-XRC wallet (recommended) for Windows, Linux and MacOS.
Web wallet: wallet.bitcoinrh.org
Electrum-XRC wallet: electrum.bitcoinrh.org
Magnum wallet: https://magnumwallet.co

Sign up for XRC web wallet if not yet done so

  1. Create an account, with your username, password and secure question.
  2. Sign in and click “Create Wallet”.
  3. Set up a strong transaction password. Make sure you store it securely in a secure password manager of choice.
  4. Copy the seed somewhere safe. It’d be a good idea to write seed on a hardcopy and keep it safe.
  5. Paste it to confirm you got it right.
  6. Grab an address for the mining step. Your wallet is now ready to mine XRC.

Instructions for mining XRC on the official pool

Pool link: poolcore.bitcoinrh.org
  1. Any miner that supports X13 will be able to mine XRC. We have a few examples below of miners that are well tested with Bitcoin Rhodium network.
  2. For any miner, configure the miner to point to:
(0–0.8 GH/s) stratum+tcp://poolcore.bitcoinrh.org:3061
(0.8–2 GH/s) stratum+tcp://poolcore.bitcoinrh.org:3062
(3–4 GH/s) stratum+tcp://poolcore.bitcoinrh.org:3063
(5+ GH/s) stratum+tcp://poolcore.bitcoinrh.org:3064
with your XRC address as username and x as password. You don’t need to open an account on pool. You will be mining to XRC address and mined coins will be transferred to your wallet
after blocks reach 10 block maturity
after you mined up minimal amount of coins (currently 0.1 XRC)
sometimes mined blocks could get rejected by network (orphaned) after they were counted as valid blocks. This is normal network behavior to follow longest chain
  1. http://poolcore.bitcoinrh.org is used to follow your miner and network statistics.

CPU Miner-Multi

Source: https://github.com/tpruvot/cpuminer-multi
Sample configuration with CPU Miner tested on UBUNTU.
{
“url” : “stratum+tcp://poolcore.bitcoinrh.org:3061”, “user” : “YOUR XRC ADDRESS”,
“pass” : “x”,
“algo” : “x13”, “threads” : 1,
“cpu-priority” : 5,
“cpu-affinity” : 1, “benchmark” : false, “debug” : true, “protocol”: true, “show-diff”: true, “quiet” : false
}
Command to run your CPUMiner: cpuminer -c cpuminer.json

SGMiner (ATI GPU)

SGMiner is a GPU-based mine: https://github.com/nicehash/sgminereleases
The configuration below was tested on Windows:
setx GPU_FORCE_64BIT_PTR 0
setx GPU_MAX_HEAP_SIZE 100
setx GPU_USE_SYNC_OBJECTS 1
setx GPU_MAX_ALLOC_PERCENT 100
setx GPU_SINGLE_ALLOC_PERCENT 100
cd C:\Software\sgminer-5.6.1-nicehash-51-windowsamd64 sgminer.exe
— gpu-platform 1 — algorithm x13mod -url stratum+tcp://poolcore.bitcoinrh. org:3062 — pool-user — userpass :x — auto-fan — temp-target 70 — temp-over- heat 82 — temp-cutoff 85 — gpu-fan 65–85 — log-file log.txt — no-adl — no-extra- nonce -P –T

CCMiner (NVIDIA GPU)

CCMiner is a GPU-based miner (NVIDIA)
Command to run your CCMINER:
ccminer-x64.exe -a x13 -o stratum+tcp://poolcore.bitcoinrh.org:3062 -O :without -D — show-diff

Baikal miner

Settings: Url:
(0–2 GH/s) stratum+tcp://poolcore.bitcoinrh.org:3062
(3–4 GH/s) stratum+tcp://poolcore.bitcoinrh.org:3063
(5+ GH/s) stratum+tcp://poolcore.bitcoinrh.org:3064
Algo: x13User: your XRC receiving address (make sure you set 2 distinct addresses for each hashing board)
Pass: x
Extranonce: leave off Priority set to 0 and 1
Once pool stratum address and your wallet as user are set up you should see your miner mining against XRC pool. When miner is working the status column is green. The pool and miner are incorrectly configured now as status says “Dead” highlighted in red.

Instructions for mining XRC on BSOD pool

Pool link: bsod.pw/en/pool/dashboard/XRC/
Use this code for your miner: -a x13 -o stratum+tcp://pool.bsod.pw:2582 -u WALLET.rig
BSOD pool allows both solo and party mining.
For solo mining use code: -a x13 -o stratum+tcp://pool.bsod.pw:2582 -u WALLET.rig -p m=solo And for party mining use: -a x13 -o stratum+tcp://pool.bsod.pw:2582 -u WALLET.rig -p m=party.yourpassword
NOTICE: You can use us for North America and asia for Asia instead of euin your .bat file or config.
You can also use BSOD pool’s monitor app for Android and iOS.

Instructions for mining XRC on ZERGPOOL

Zergpool offers low fees (just 0.5%) and also SOLO and PARTY mining with no extra fees.
To mine XRC on Zergpool use this command lines for your miner:
Regular: -a x13 -o stratum+tcp://x13.mine.zergpool.com:3633 -u -p c=XRC,mc=XRC Solo: -a x13 -o stratum+tcp://x13.mine.zergpool.com:3633 -u -p c=XRC,mc=XRC,m=solo Party: -a x13 -o stratum+tcp://x13.mine.zergpool.com:3633 -u -p c=XRC,mc=XRC,m=party
Use your coin wallet address as username in mining software. Specify c=SYMBOL as password to identify payout wallet coin, and the same coin in mc=SYMBOL to specify mining coin.
For more information and support please visit http://zergpool.com
Notice that when there are more pools mining XRC in different geographic/availability locations choose the nearest to you as lowest priority and then add desirable fall back pool options in different geographic locations or pools. This is useful when one pool experiences issues, to fall back to different pool in Bitcoin Rhodium network.

Calculate your Bitcoin Rhodium mining profitability

WhatToMine: https://whattomine.com/coins/317-xrc-x13
CoinCalculators: https://www.coincalculators.io/coin/bitcoin-rhodium

Feel free to ask questions in Discord community. There are lots of helpful people around the world watching XRC 24x7.

Bitcoin Rhodium Dev Team
submitted by BitcoinRh to BitcoinRhodium [link] [comments]

EasyMine: WTF Happened?

UPDATE: VTC mining on Easymine back to normal, payouts have resumed. Zero fees for the rest of the month.
Here's a more detailed response to https://old.reddit.com/vertcoin/comments/96z77t/psa_easy_mine_problem/ - bear with me and put on your nerd hat for a few mins.
The stratum server for all EasyMine pools is node-merged-pool - a merge mining fork of node-stratum-pool. See my repo here @ https://github.com/nzsquirrell/node-merged-pool
This is what miners connect to for work and to submit valid shares on the search for blocks. The information that is exchanged in hex digits, and the data coming back from the miner includes the time, the job, ExtraNonce2 and nonce (see https://en.bitcoin.it/wiki/Stratum_mining_protocol#mining.submit). All of these fields are used to notify the server of valid work exceeding a specific difficulty.
Hex digits are not case-sensitive. So 'FF00AA11' is the same as 'ff00aa11'. Both equate to decimal 4278233617. So for the purposes of construction a block header, it doesn't matter if the hex digits are uppercase, lowercase, or a mixture of both - it all works out the same, and produces the same hash. Hold this thought.
The stratum server knows what shares each miner has submitted, it keeps a track of all of the data in an array. It checks every time that work is submitted that the same work hasn't been submitted before whilst searching for the next block. If it was submitted, then the new submission is rejected as duplicate work.
Now, where this has all gone wrong is that the way the data is stored in this array was a string containing the four fields mentioned above. Strings are case-sensitive and when making comparisons 'FF00AA11' != 'ff00aa11', as well as 'ff00aA11' and 'ff00AA11' and so on.... This allowed our attacker to submit the same work many many times, altering only the case of the hex digits (he was doing it to the nonce, but the other fields are also susceptible to the attack), so the logic to check for duplicate work wasn't firing, the shares were valid (as they produced a valid hash above difficulty), and our attacker was faking most of his hash-rate. A lot. A shit-ton of it.
I have fixed this in my fork of node-stratum-pool - the fix is very easy, we just make all the characters lower case before testing for duplicate shares. See https://github.com/nzsquirrell/node-merged-pool/commit/9d068535d042516835f565a859852c7cf715da98 for my fix.
My big concern is that the other forks I've seen for node-stratum-pool are susceptible to the attack, and quite possibly other pool software is too possibly even p2pool? I've not looked. If someone can check and let me know and I'll update this. p2pool has been confirmed as resilient to this type of attack.
So, Who-The-F&*k did this. This is what I have so far:
He's used the following VTC and NIX addresses:
I've seen connections coming in from the following IP addresses:
He is still attacking EasyMine, but it's not having any effect now. Actually the server keeps banning him now as it's detecting that he's submitting too many invalid shares. Take that.
The path forward
I have a big mess to clean up, he's made off with about 652 VTC and about 3576 NIX, essentially stolen from you miners. I will see what I can do to recover some of this (not all of it has been paid to him yet), but there is going to be a substantial shortfall. Mr Attacker, feel free to PM me and we can arrange a settlement :)
Payouts on both the VTC & NIX pools are suspended until i can clean this up, I hope this won't take more than a couple of days.
Thanks.
submitted by nzsquirrell to vertcoin [link] [comments]

Notes from Ethereum Core Devs Meeting #31 [1/12/18]

The next core dev meeting will be this Friday, January 26, 2018. The agenda and live stream link are located here.

Ethereum Core Devs Meeting 31 Notes

Meeting Date/Time: Friday 01/12/18 at 14:00 UTC

Meeting Duration: 1.5 hours

GitHub Agenda Page

Audio/Video of the meeting

Reddit thread

Agenda

  1. Testing Updates.
  2. Yellow paper update.
  3. EWASM update + update on the following related EIPs. a. EVM 2.0 - https://github.com/ethereum/EIPs/issues/48 b. Extend DUP1-16 / SWAP1-16 With DUPN / SWAPN - https://github.com/ethereum/EIPs/issues/174 c. Subroutines and Static Jumps for the EVM - https://github.com/ethereum/EIPs/issues/615
  4. Stateless client development.
  5. Add ECADD and ECMUL precompiles for secp256k1 - https://github.com/ethereum/EIPs/issues/603 [See this blog post for context].
  6. Introduce miner heuristic "Child pays for parent" (like in BTC) to combat the weird cases when transactions with 1000 Gwei stuck in the mempool (because they are dependent via nonce on transaction paying much less and not getting mined).
  7. Creating a relay network of nodes to mitigate issues described here and other transaction propagation issues.
  8. Fork release management/Constantinople.
  9. Client updates.
  10. Other non-agenda issues.

Notes

Video starts at [4:36].

[4:56] 1. Testing Updates

No updates.

[5:27] 2. Yellow paper update.

Gavin put the Yellow Paper under the Creative Commons Free Culture License CC-BY-SA. Yoichi and Nick Savers have been making progress handling the Yellow Paper PRs. There is still the somewhat unresolved issue of what should define the "formal standard" of Ethereum and should an update to the Yellow Paper or another specification be required for every new EIP. This can be discussed in more detail in future meetings when there is greater attendance.

[7:43] 3. EWASM update + update on the following related EIPs.

[7:55] General update

Ewasm contributors are currently meeting in person together in Lisbon. EWASM EIPs listed in the subpoints are not up to date and can be disregarded. People should use the github.com/EWASM/design repo. The design has been pretty much speced out in the last year. During the design phase there were 2 implementations done in parallel: Javascript and C++ (which can be integrated in cpp-ethereum and geth). Issues have been faced in building out EWASM including struggling with implementing synchronous code in Javascript/browser. Idea was to move to an asynchronous model. Currently there is not a full decision on using synchronous vs asynchronous, but we are leaning towards synchronous implementation in C++ to run a testnet in cpp-ethereum that can run pure Web Assembly contracts. Metering contract in Web Assembly is on the to-do list and doesn't rely on sync/async decision. Likely will take week to come to a decision on sync vs async. More technical discussion and a funny anecdote involving the asynchronous vs synchronous decision and the affects of the recent Spectre/Meltdown attacks start at [12:07].

[15:08] a. EVM 2.0 - https://github.com/ethereum/EIPs/issues/48

Martin Becze will be closing this EIP. It is outdated.

[15:28] b. Extend DUP1-16 / SWAP1-16 With DUPN / SWAPN - https://github.com/ethereum/EIPs/issues/174

This doesn't have to do with EWASM, it has to do with adding extra opcodes in the current EVM. It is an upgrade to EVM 1.0 which is not needed if we skip straight to EWASM.

[16:47] c. Subroutines and Static Jumps for the EVM - https://github.com/ethereum/EIPs/issues/615

Greg has been working with Seed (Gitter tag) who is writing an ELM formalization of the EIP. Greg says that there is no formal social process for deciding things like EVM 1.5 implementation so he is not sure if/when it would be implemented. Greg has been working on cleaning up the proposal for those who want to use it. Greg has some ideas around an EVM 3.0 that pulls everything together with transpilation that he hasn't started working on yet and is not sure if he will.

[20:14] 4. Stateless client development.

Piper left some comments about some development of a stateless client for sharding, but it is very early. Alexey had a blog post describing stateless clients he may re-approach later.

[21:46] 5. Add ECADD and ECMUL pre-compiles for secp256k1 - https://github.com/ethereum/EIPs/issues/603 [See this blog post for context].

This topic was brought up months ago with mixed commentary. Christian R. says that ECADD and ECMUL were never intended to be used for general purpose cryptography, but rather it was suppose to be used in conjunction with the pairing pre-compiles for a specific curve that is pairing friendly. Christian says that in the past it has been discussed that there must be a very compelling reason for adding a pre-compile to Ethereum. Silur mentioned that the Monero research team is working on a new ring signature (still unnamed) that can be viewed in the Monero repository. The EWASM team may run some tests to compare native running of the pre-compiles vs EWASM. Adding a new pre-compile would only give a constant speed-up or reduction in cost, but if we achieve the same thing in new virtual machine it will give us a constant speed-up for every conceivable routine and allows for building other schemes like Casper and TrueBit. This is easier with Web Assembly because we can use existing C code. For the moment it looks like focusing energy on adding these proposed pre-compiles would not be worth it compared to just waiting for the next VM (likely EWASM) which will allow far more speed-ups across all computational routines.

[37:00] 6. Introduce miner heuristic "Child pays for parent" (like in BTC) to combat the weird cases when transactions with 1000 Gwei stuck in the mempool (because they are dependent via nonce on transaction paying much less and not getting mined).

[Note: I tried my best to cover what was discussed here, but I am not an expert in Ethereum transactions. If you find a mistake please point it out to me. Thanks!] Agenda item brought up to get people's opinion on this topic. Currently in Ethereum there are transactions that are stuck in the mempool for a long time because of the way transaction ordering per account is handled. The nonce of a transaction must be greater than the previous mined transactions (or equal if you are trying to replace a transaction). For example you can't process transaction #27 before transaction #26 has been mined. Many of the stuck transactions are dependent on other transactions that pay a much smaller fee, but are not being mined. It seems people inadvertently send an initial transaction with too small of a fee and then more transactions at a higher nonce with a much higher fee that cannot be processed until the first small fee transaction is processed. Alexey wondered if this may pose an attack vector or if we would get a benefit from implementing "child pays for parent" like Bitcoin does. Peter explained even if you define the max amount of gas your transaction could potentially consume, there is no guarantee it will use that much and we won't know until the transaction is processed (the only guarantee is that 21,000 gas will be consumed - a plain ether transfer). The attack vector example would be someone pushing a transaction that truly consumes 3,000,000 gas and attach a transaction fee of 1 wei and then push another TX that claims to consume 3,000,000 gas but with a transaction fee of 1000gwei. From the outside it looks like I can both can be executed for profit from the miner's perspective, but in reality the 2nd transaction will be processed first and the 1st tx will be long running and indirectly punish the miner. Alexey was concerned about the mempool filling up and impact on clients due to the way nonces are handled. Peter clarified that transactions in the mempool in the go ethereum client only maintains the top 4,000 most expensive transactions. If your cheap transaction gets evicted, the expensive transactions you stacked on top of it get evicted as well because they are no longer executable due to the nonce.

[42:21] 7. Creating a relay network of nodes to mitigate issues described here and other transaction propagation issues.

A relay network in general is a group of peers and/or miners who use a peer list to quickly connect to a group of known peers before connecting to (or instead of connecting to) random peers using network discovery. Alexey conjectured that this may create a powerful ring of network players who can share transactions very quickly and hurt the little guys on the outside (hurting the idea of this being a mesh network of peers). Clarifications were made about the issues involving transaction propagation issues with nodes with high transaction throughput such as Infura and Bittrex. Clients suddenly stop pushing transactions or cannot keep up with the blockchain when they are pushing out so many transactions. Hudson will work towards exploring this issue more and connecting the people with the issues with the devs.

[49:45] 8. Fork release management/Constantinople.

Hudson will be working on writing up a starting plan to discuss potential release management issues. BitsBeTripping sent Hudson some good material about project management that he will review and bring to the next meeting. We need to start discussing Constantinople sooner rather than later.

[52:55] 9. Client updates.

10. Other non-agenda items

[1:05:42] Question: Will we see any scaling improvements from Constantinople?

Answer is no because it potentially includes the first steps of the Casper consensus protocol and some account abstraction EIPs, but both of those do not alleviate scaling issues. Sharding would alleviate some of the issues. We are currently mostly bound by database and processing speed due to the database. Short term there are a lot of client improvements that can be accomplished to improve disk I/O, but long term things like sharding will be necessary. The Eth Research site has a lot of interesting threads about sharding including merkle tree formats to be used and ideas around asynchronous accumulators

[1:09:57] Decision process for EIPs?

Needs to be improved. Hudson and others will work on updating EIP #1 and other improvements in Q1. Nick Savers has been added as an EIP editor. Yoichi has been added as an editor. Both are doing a great job.

Attendance

Alex Beregszaszi (EWASM/Solidity/ethereumJS), Alex Van de Sande (Mist/Ethereum Wallet), Alexey Akhunov (Turbo Geth), Ben Edgington (Consensys/Pegasys), Casey Detrio (Volunteer), Christian Reitwiessner (cpp-ethereum/Solidity), Daniel Ellison (Consensys/LLL), Greg Colvin (EVM), Hudson Jameson (Ethereum Foundation), Hugo de la Cruz (ethereumJS/EWASM), Jake Lang (EWASM), Jared Wasinger (ethereumJS/EWASM), Martin Becze (EWASM), Mikhail Kalinin (Harmony), Paweł Bylica (cpp-ethereum/EWASM), Péter Szilágyi (geth), Silur (ethereumJS / EWASM)
submitted by Souptacular to ethereum [link] [comments]

Let us not forget the original reason we needed the NYA agreement in the first place. Centralization in mining manufacturing has allowed for pools to grow too powerful, granting them the power to veto protocol changes, giving them bargaining powers where there should be none.

SegWit2x through the NYA agreement was a compromise with a group of Chinese mining pools who all march to the beat of the same drum. Antpool, ViaBTC, BTC.TOP, btc.com, CANOE, bitcoin.com are all financially linked or linked through correlated behavior. Antpool, ConnectBTC and btc.com being directly controlled by bitmain, and ViaBTC and Bitmain have a "shared investor relationship". If bitmain is against position A, then all those other pools have historically followed its footsteps. As Jimmy Song explains here the NYA compromise was because only a small minority of individuals with a disproportionate amount of hashrate were against Segwit (Bitmain and subsidiaries listed above), where the rest of the majority of signatories of NYA were pro-segwit. The purpose of the compromise was to prevent a chain split, which would cause damage to the ecosystem and a loss of confidence in bitcoin generally.
At current time of calculation, according to blockchain.info hashrate charts, these pools account for 47.6% of the hashrate. What does it matter if these pools are running a shell game of different subsidiaries or CEO's if they all follow a single individual's orders? 47.6% is enough hashrate right now to preform a 51% attack on the network with mining luck factored in. This statistic alone should demonstrate the enormous threat that Bitmain has placed on the entire bitcoin ecosystem. It has compromised the decentralized model of mining through monopolizing ASIC manufacturing which has lead to a scenario in which bitcoins security model is threatened.
But let us explore the reasoning behind these individuals actions by taking a look at history. First, Bitmain has consistently supported consensus breaking alternative clients by supporting bitcoin classic, supporting Bitcoin Unlimited and its horrifically broken "emergent consensus" algorithm, responding to BIP148 with a UAHF declaration, and then once realizing that BIP148/BIP91 would be successful at activating Segwit without splitting the network Bitmain abandoned its attempt at a "UAHF", and admitted that bitcoin cash is based on the UAHF on their blog post. The very notion of attempting to compromise with an entity to prevent a split that is supporting a split is illogical by nature and a pointless exercise.
Let us not forget that Bitmain was so diametrically opposed to Segwit that it sabatoged Litecoins Segwit Activation period to prevent Segwit from activating on Litecoin. Do these actions sound like a rational actor who has the best interests of bitcoin at heart? Or does this sound like an authoritarian regime that wants to stifle information at any cost to prevent the public from seeing the benefits that SegWit provides?
But the real question must still be asked. Why? Why would Bitmain who is so focused on increasing the blocksize to reduce fee pressure delay a protocol upgrade that both increases blocksize and reduces fee pressure? If miners are financially incentivized to behave in a way in which is economically favorable to bitcoin, then why would they purposefully sabatoge protocol improvements that will increase the long term success survival of bitcoin?
There is plenty of evidence that suggests covert ASICBOOST, a mechanism in which a ASIC miner short cuts bitcoins proof of work process (grinding nonce, transaction ordering) and an innovation that Bitmain holds a patent for in China is the real reason Bitmain originally blocked SegWits activation. It was speculated by Bitcoin Core developer Gregory Maxwell that this covert asicboost technology could earn Bitmain 100 Million dollars a year.
It is notable that Hardfork proposals that Bitmain has supported, such as Bitcoin Classic, Bitcoin Unlimited, Bitcoin ABC/Bcash and now SegWit2x all preserve Bitmains covert asicboost technology while Segwit the soft fork breaks asicboosts effectiveness.
But if that is not enough of a demonstration of rational economic incentives to behave in such a way, then what about irrational reasons such a idelogical positions or pride?
Its no secret that Chinese miners dislike for bitcoin core matured when the Hong Kong agreement was broken. Many miners have consistently rationlized "firing bitcoin core developers" and we even have a direct account from a bitpay employee that said Jihan directly told him that is his purpose is to "get rid of blockstream and core developers". And while the Hong Kong agreement being broken is quite the muddied waters, there is proof in the blockchain that chinese miners were the first to break the terms of the agreement by mining a block with a alternative client. Some bitcoin core developers continued to work on HardFork proposals despite this, offering up public proposals, BIPs and released code to attempt to satisfy the terms of the agreement. Yet only in hindsight did everyone realize that no individual or individuals can force the entire bitcoin network to upgrade. It is only through the slow methodical process of social consensus building that we can get such a large decentralized global network to agree to upgrade the protocol in a safe manner. Yet to this day we still have bitter idelogical wars over this HK agreement "being broken" despite how long ago, and how clear the situation is in hindsight.
When you take into account the historical record of these individuals and businesses actions it clearly demonstrates a pattern of behavior that undermines the long term health of bitcoin. When you analyze their behavior from a rational economic viewpoint, you can clearly see that they are sabatoging the long term health of bitcoin to preserve short term profits.
Considering this information, why would other bitcoin ecosystem businesses "compromise" with such a malicious actor? Let us not forget that these actors were the entire reason we needed to compromise in the first place went ahead and forked the bitcoin network already creating the first bitcoin-shared-history altcoin, Bitcoin ABC. So we compromised with people to prevent the spliting of bitcoin, so that they could go ahead and split bitcoin? What illogical insanity is this? Why would you "stick to your guns" on an agreement that was nullified the moment Bitmain and ViaBTC supported a hardfork outside of the S2X agreement? Doubly questionably is your support when the hardfork is highly contentious and guaranteed to cause a split, damage bitcoin, create chaos and damage global confidence.
A lot of the signatories of the NYA agreement are payment processors and gateway businesses. Their financial health depends upon short term growth of bitcoin to increase business activity and shore up investors capital with revenue from that transactional growth. Their priorities are to ensure short term growth and to appease their investors. But their actions demonstrate a type of cause and effect that often occurs in markets across the world. By redistributing network resource costs to node operators they are simply shuffling costs to the public so that they can benefit in the short term without needing to allocate extra capital.
But these actions do not benefit the health of bitcoin long term. Splitting the network, once again, does not increase confidence in the bitcoin network. It does not foster growth. Increasing the blocksize after segwit already increases the blocksize will not get us any closer to VISA transaction levels from a statistical viewpoint. Increasing the TPS from 3 to 7 when we need to get to 30,000 TPS is quite an illogical decision at face value. Increasing the blocksize on-chain to get to that level would destroy any pretense at decentralization long before we even came close, and without decentralization we have no cenosorship resistence, fungibility. These are fundamental to the value of bitcoin as a network and currency. Polymath and industry wide respected crypto expert Nick Szabo has written extensively on scaling bitcoin and why layer 2 networks are essential.
To all the Signatories of the SegWit2X I ask you - What are you trying to accomplish by splitting bitcoin once again? What consensus building have you done to ensure that bitcoin wont suffer a catastrophic contentious hard fork? As it stands right now I only see a portion of the economic actors in the bitcoin ecosystem supporting S2X. No where near enough to prevent miners from supporting the legacy chain when there will be a large portion of the economy still operating on the legacy chain preserving its value. Where there is money Its going to be extremely difficult to topple the status quo/legacy network and the cards are stacked against you. Without full consensus from the majority of developers, economic actors/nodes, exchanges, payment processors, gateways, wallets....you will only fork yourself from the legacy network and reap destruction and chaos as the legacy chain and S2X battle it out.
If you truly support bitcoin and are dedicated to the long term success of bitcoin and your business, then why would you engage/compromise with demonstratably malicious actors within the bitcoin ecosystem to accomplish a goal that was designed by them to further monopolize/centralize their control, at the destruction of bitcoins security model?
Bitcoin core developers are actually positive on hardforks and want to eventually increase the legacy blocksize, they just wish to do it in a responsible manner that does not put the network at risk like SegWit2x does.
Also, it seems a rational engineering choice to optimize and compress transactions/protocols before increasing the blocksize. Things like SegWit, Schnorr, MAST are all great examples of things Bitcoin Core has done and is doing to increase on-chain scaling technology to the long term benefit of bitcoin.
The fate of bitcoin will be determined by users who choose when how and where they transact. If businesses attempt to force them on the S2X chain they will abandon those businesses to use a servicor that does not attempt through coercion to force them upon a specific forked network.
Finally, without replay protection there can be no clean split and no free market mechanism to determine the winner. I understand that this is purposefully designed this way, to force a war between the legacy chain and S2X, but if you stand for everything bitcoin stands for, then you as central actors will not try to force people onto your chain. Instead, you should allow the market to decide which chain is more valuable.
If you will not abandon this poisonous hardfork pill then please advocate/lobby to add default replay protection to the btc1 codebase. You cannot claim Free Market principals and then on the other side of your mouth collude with central actors to force protocol changes upon users. Either you believe in bitcoin, or you are here to join the miners in their poorly disguised behaviors to monopolize, subvert and sabatoge bitcoin.
submitted by Cryptolution to Bitcoin [link] [comments]

TERA CRYPTO CURRENCY PROJECT

TERA is an open source and collaborative project. It means everyone can view and eventually modify its source code for hehis own needs. And it also means anyone is welcome to integrate its working community. The Tera community works to develop, deploy and maintain Tera nodes and decentralized applications that are part of the TERA Network.
The TERA technology serves the cryptocurrency concepts, trying to design a modern coins and contracts blockchain application : fast block generation, high transaction throughput and user-friendly application. It was officialy launched on 30th of June 2018 on the bitcointalk forum.
[Yuriy Ivanov](mailto:[email protected]) is the founder and core developer of the project. The Tera community is more familiar with the alias « vtools ».

USER FRIENDLY APPLICATION

In the aim to make this crypto currency project more friendly to end-users, some interesting innovations have been implemented in regards to the first generation of crpyto currency applications. The bitcoin and its thousands of child or fork, required a good level of IT skills in order to manage all the application chain from its own : from miners and its hardware, through stratum servers, proxies, to blockchain nodes. The Tera project intend to go one step further regarding crypto currency features integration into a single application : once installed, an efficient web application is available on localhost on port 8080. Then, any web browser supporting javascript may be able to access this application and to operate fully the Tera node.

MINING A CRYPTO CURRENCY

MINING CONCEPT

The mining activity consist in calling a mathematical procedure we can’t predict the result before we run it. But we intend to obtain a very specific result, which usually consist in a certain number of 0 as the first chars before any random answer. If we found the nonce (a random object) combined with the transaction data and the coin algorithm that produce such result, we’ll have solve a transaction block and we’ll get a reward for that. Thanks to this work, the transaction listed in the block will be added to the blockchain and anyone will be able to check our work. That’s the concept of ‘proof of work’ allowing anyone to replay the mathematical procedure with the nonce discovered by the node that solved the block and to confirm block inclusion into the blockchain.

POLITICAL AND ETHICAL CONSIDERATIONS

The Tera project is young. It will have to face the same problems is facing today the Bitcoin platform :
Any Crypto Currency Project with the goal its money and contracts to be used as any other historical money or service contract has to consider its political and ethical usage. Processes have to be imagined, designed and implemented in order to be able to fight against extortion, corruption and illegal activities threating crypto-currency development.

FAST BLOCK GENERATION AND HIGH THROUGHPUT

CLASSIC CRYPTO CURRENCY FEATURES

wallet, accounts, payments, mining, node settings and utilities, blockchain explorer and utilities…

DECENTRALIZED APP CATALOGUE

d-app : forum, stock exchange, payment plugins for third party platform, …

TECHNOLOGY DEPENDENCIES

Tera is entirely written in Java) over the NodeJS library as functional layer in order to take advantages of a robust and high level library designed to allow large and effective network node management.
The miner part is imported from an external repository and is written in C in order to get the best performances for this module.
Tera is actually officially supported on Linux and Windows.
If you start mining Tera thanks to this article, you can add my account 188131 as advisor to yours. On simple demand I’ll refund you half of the extra coins generated for advisors when you’ll solve blocks (@freddy#8516 on discord).

MINING TERA

Mining Tera has one major design constraint : you need one public IP per Tera node or miner. Yet, you can easily mine it on a computer desktop at home. The mining algorithm has been designed in order to be GPU resistant. In order to mine Tera coin you’ll need a multi-core processor (2 minimum) and some RAM, between 1 and 4GB per process that will mine. The mining reward level depends of the « power » used to solve a block (Top Tera Miners).

COST AND USAGE CONSIDERATIONS

There is two main cost centers in order to mine a crypto currency :
  1. the cost of the hardware and the energy required to make a huge amount of mathematical operations connected to the blockchain network through the Internet,
  2. the human cost in order to deploy, maintain and keep running miners and blockchain nodes.
As the speculation actually drives the value of crypto currencies, it is not possible to answer if the mining activity is profitable or not. Moreover, hardware, energy and human costs are not the same around the globe. To appreciate if mining a crypto currency is profitable we should take all indirect costs : nature cost (for hardware and energy production), human cost (coins and contracts usage, social rights of blockchain workers).

Original: https://freddy.linuxtribe.frecherche-et-developpement/blockchain-cryptocurrency-mining/tera-crypto-currency-project/
Author: Freddy Frouin, [email protected].
submitted by Terafoundation to u/Terafoundation [link] [comments]

Attempted explanation of the alleged ASICBOOST issue /r/Bitcoin

Attempted explanation of the alleged ASICBOOST issue /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Great interview questions for bitcoin engineers

From here...
https://bitcointalk.org/index.php?topic=5006583.0
Questions. Chapter 1: Introduction 1. What are the main Bitcoin terms? 2. What is a Bitcoin address? 3. What is a Bitcoin transaction? 4. What is a Bitcoin block? 5. What is a Bitcoin blockchain? 6. What is a Bitcoin transaction ledger? 7. What is a Bitcoin system? What is a bitcoin (cryptocurrency)? How are they different? 8. What is a full Bitcoin stack? 9. What are two types of issues that digital money have to address? 10. What is a “double-spend” problem? 11. What is a distributed computing problem? What is the other name of this problem? 12. What is an election? 13. What is a consensus? 14. What is the name of the main algorithm that brings the bitcoin network to the consensus? 15. What are the different types of bitcoin clients? What is the difference between these clients? Which client offers the most flexibility? Which client offers the least flexibility? Which client is the most and least secure? 16. What is a bitcoin wallet? 17. What is a confirmed transaction and what is an unconfirmed transaction? Chapter 2: How Bitcoin works. 1. What is the best way to understand transactions in the Bitcoin network? 2. What is a transaction? What does it contain? What is the similarity of a transaction to a double entry ledger? What does input correspond to? What does output correspond to? 3. What are the typical transactions in the bitcoin network? Could you please name three of such transactions and give examples of each type of the transaction? 4. What is a QR and how it is used in the Bitcoin network? Are there different types of QRs? If so, what are the different types? Which type is more informational? What kind of information does it provide? 5. What is SPV? What does this procedure check and what type of clients of the Bitcoin network usually use this procedure? Chapter 3: The Bitcoin client. 1. How to download and install the Core Bitcoin client? 2. What is the best way to test the API available for the Core Bitcoin client without actually programming? What is the interface called? 3. What are the major areas of operations in the Bitcoin client? What can we do with the client? 4. What are the available operations for the Bitcoin addresses? 5. What are the available read operations for the Bitcoin transactions? How is a transaction encoded in the Bitcoin network? What is a raw transaction and what is a decoded transaction? 6. If I want to get information about a transaction that is not related to any address in my own wallet, do I need to change anything in the Bitcoin client configuration? If yes, which option do I need to modify? 7. What are the available read operation for the Bitcoin blocks? 8. What are the available operations for the creation of the transactions in the Bitcoin network? 9. How do you normally need to address the unspent output from the previous transaction in order to use it as an input for a new transaction? 10. What is the mandatory operation after creating a new transaction and before sending this new transaction to the network? What state does the wallet have to be in order to perform this operation? 11. Is the transaction ID immutable (TXID)? If not why, if yes, why and when? 12. What does signing a transaction mean? 13. What are the other options for Bitcoin clients? Are there any libraries that are written for some specific languages? What types of clients do these libraries implement? Chapter 4: Keys, Addresses and Wallets. 1. What is a PKC? When it was developed? What are the main mathematical foundations or functions that PKC is using? 2. What is ECC? Could you please provide the formula of the EC? What is the p and what is the Fp? What are the defined operations in ECC? What is a “point to infinity”? 3. What is a Bitcoin wallet? Does this wallet contain coins? If not, what does it contain then? 4. What is a BIP? What it is used for? 5. What is an encrypted private key? Why would we want to encrypt private keys? 6. What is a paper wallet? What kind of storage it is an example of? 7. What is a nondeterministic wallet? Is it a good wallet or a bad wallet? Could you justify? 8. What is a deterministic wallet? 9. What is an HD wallet? 10. How many keys are needed for one in and out transaction? What is a key pair? Which keys are in the key pair? 11. How many keys are stored in a wallet? 12. How does a public key gets created in Bitcoin? What is a “generator point”? 13. Could you please show on a picture how ECC multiplication is done? 14. How does a private key gets created in Bitcoin? What we should be aware of when creating a new private key? What is CSPRNG? What kind of input should this function be getting? 15. What is a WIF? What is WIF-Compressed? 16. What is Base58 encoding and what is Base58Check encoding? How it is different from Base64 encoding? Which characters are used in Base58? Why Base58Check was invented? What kind of problems does it solve? How is Base58Check encoding is created from Base58 encoding? 17. How can Bitcoin addresses be encoded? Which different encodings are used? Which key is used for the address creation? How is the address created? How this key is used and what is the used formula? 18. Can we visually distinguish between different keys in Base58Check format? If yes, how are they different from each other? What kind of prefixes are used? Could you please provide information about used prefixes for each type of the key? 19. What is an index in HD wallets? How many siblings can exist for a parent in an HD wallet? 20. What is the depth limitation for an HD wallet key hierarchy? 21. What are the main two advantages of an HD wallet comparing to the nondeterministic wallets? 22. What are the risks of non-hardened keys creation in an HD wallet? Could you please describe each of them? 23. What is a chain code in HD wallets? How many different chain code types there are? 24. What is the mnemonic code words? What are they used for? 25. What is a seed in an HD wallet? Is there any other name for it? 26. What is an extended key? How long is it and which parts does it consist of? 27. What is P2SH address? What function are P2SH addresses normally used for? Is that correct to call P2SH address a multi-sig address? Which BIP suggested using P2SH addresses? 28. What is a WIF-compressed private key? Is there such a thing as a compressed private key? Is there such a thing as a compressed public key? 29. What is a vanity address? 30. What is a vanity pool? 31. What is a P2PKH address? What is the prefix for the P2PKH address? 32. How does the owner prove that he is the real owner of some address? What does he have to represent to the network to prove the ownership? Why a perpetrator cannot copy this information and reuse it in the next transactions? 33. What is the rule for using funds that are secured by a cold storage wallet? How many times you can send to the address that is protected by the private key stored in a cold storage? How many times can you send funds from the address that is protected by the private key stored in a cold storage? Chapter 5: Transactions. 1. What is a transaction in Bitcoin? Why is it the most important operation in the Bitcoin ecosystem? 2. What is UTXO? What is one of the important rules of the UTXO? 3. Which language is used to write scripts in Bitcoin ecosystem? What are the features of this language? Which language does it look like? What are the limitations of this language? 4. What is the structure of a transaction? What does transaction consists of? 5. What are the standard transactions in Bitcoin? How many standard transactions there are (as of 2014)? 6. What is a “locking script” and what is an “unlocking script”? What is inside these scripts for a usual operation of P2PKH? What is a signature? Could you please describe in details how locking and unlocking scripts work and draw the necessary diagrams? 7. What is a transaction fee? What does the transaction fee depend on? 8. If you are manually creating transactions, what should you be very careful about? 9. Could you please provide a real life scenario when you might need a P2SH payment and operation? 10. What is the Script operation that is used to store in the blockchain some important data? Is it a good practice? Explain your answer. Chapter 6: The Bitcoin Network. 1. What is the network used in Bitcoin? What is it called? What is the abbreviation? What is the difference between this network architecture and the other network architectures? Could you please describe another network architecture and compare the Bitcoin network and the other network architectures? 2. What is a Bitcoin network? What is an extended Bitcoin network? What is the difference between those two networks? What are the other protocols used in the extended Bitcoin network? Why are these new protocols used? Can you give an example of one such protocol? What is it called? 3. What are the main functions of a bitcoin node? How many of them there are? Could you please name and describe each of them? Which functions are mandatory? 4. What is a full node in the Bitcoin network? What does it do and how does it differ from the other nodes? 5. What is a lightweight node in the Bitcoin network? What is another name of the lightweight node? How lightweight node checks transactions? 6. What are the main problems in the SPV process? What does SPV stand for? How does SPV work and what does it rely on? 7. What is a Sybil attack? 8. What is a transaction pool? Where are transaction pools stored in a Bitcoin network client? What are the two different transaction pools usually available in implementations? 9. What is the main Bitcoin client used in the network? What is the official name of the client and what is an unofficial name of this client? 10. What is UTXO pool? Do all clients keep this pool? Where is it stored? How does it differ from the transaction pools? 11. What is a Bloom filter? Why are Bloom filters used in the Bitcoin network? Were they originally used in the initial SW or were they introduced with a specific BIP? Chapter 7: The Blockchain. 1. What is a blockchain? 2. What is a block hash? Is it really a block hash or is it a hash of something else? 3. What is included in the block? What kind of information? 4. How many parents can one block have? 5. How many children can one block have? Is it a temporary or permanent state of the blockchain? What is the name of this state of the blockchain? 6. What is a Merkle tree? Why does Bitcoin network use Merkle trees? What is the advantage of using Merkle trees? What is the other name of the Merkle tree? What kind of form must this tree have? 7. How are blocks identified in the blockchain? What are the two commonly used identities? Are these identities stored in the blockchain? 8. What is the average size of one transaction? How many transactions are normally in one block? What is the size of a block header? 9. What kind of information do SPV nodes download? How much space do they save by that comparing to what they would need if they had to download the whole blockchain? 10. What is a usual representation of a blockchain? 11. What is a genesis block? Do clients download this block and if yes – where from? What is the number of the genesis block? 12. What is a Merkle root? What is a Merkle path? Chapter 8: Mining and Consensus. 1. What is the main purpose of mining? Is it to get the new coins for the miners? Alternatively, it is something else? Is mining the right or good term to describe the process? 2. What is PoW algorithm? 3. What are the two main incentives for miners to participate in the Bitcoin network? What is the current main incentive and will it be changed in the future? 4. Is the money supply in the Bitcoin network diminishing? If so, what is the diminishing rate? What was the original Bitcoin supply rate and how is it changed over time? Is the diminishing rate time related or rather block related? 5. What is the maximum number of Bitcoins available in the network after all the Bitcoins have been mined? When will all the Bitcoins be mined? 6. What is a decentralized consensus? What is a usual setup to clear transactions? What does a clearinghouse do? 7. What is deflationary money? Are they good or bad usually? What is the bad example of deflationary spiral? 8. What is an emergent consensus? What is the feature of emergent consensus? How does it differ from a usual consensus? What are the main processes out of which this emergent decentralized consensus becomes true? 9. Could you please describe the process of Independent Transaction Verification? What is the list of criteria that are checked against a newly received transaction? Where can these rules be checked? Can they be changed over time? If yes, why would they be changed? 10. Does mining node have to be a full node? If not, what are the other options for a node that is not full to be a mining node? 11. What is a candidate block? What types of nodes in the Bitcoin network create candidate blocks? What is a memory pool? Is there any other name of the memory pool? What are the transactions kept in this memory pool? 12. How are transactions added to the candidate block? How does a candidate block become a valid block? 13. What is the minimum value in the Bitcoin network? What is it called and what is the value? Are there any alternative names? 14. What is the age of the UTXO? 15. How is the priority of a transaction is calculated? What is the exact formula? What are the units of each contributing member? When is a transaction considered to be old? Can low priority transactions carry a zero fee? Will they be processed in this case? 16. How much size in each block is reserved for high priority transactions? How are transactions prioritized for the remaining space? 17. Do transactions expire in Bitcoin? Can transactions disappear in the Bitcoin network? If yes, could you please describe such scenario? 18. What is a generation transaction? Does it have another name? If it does, what is the other name of the transaction? What is the position of the generation transaction in the block? Does it have an input? Is the input usual UTXO? If not – what is the input called? How many outputs there are for the generation transaction? 19. What is the Coinbase data? What is it currently used for? 20. What is little-endian and big-endian formats? Could you please give an example of both? 21. How is the block header constructed? Which fields are calculated and added to the block header? Could you please describe the steps for calculation of the block header fields? 22. What is a mantissa-exponent encoding? How is this encoding used in the Bitcoin network? What is the difficulty target? What is the actual process of mining? What kind of mathematical calculation is executed to conduct mining? 23. Which hash function is used in the Bitcoin mining process? 24. Could you describe the PoW algorithm? What features of the hash function does it depend on? What is the other name of the hash function? What is a nonce? How can we increase the difficulty of the PoW calculation? What do we need to change and how do we need to change this parameter? 25. What is difficulty bits notation? Could you please describe in details how it works? What is the formula for the difficulty notation? 26. Why is difficulty adjustable? Who adjusts it and how exactly? Where is the adjustment made? On which node? How many blocks are taken into consideration to predict the next block issuance rate? What is the change limitation? Does the target difficulty depend on the number of transactions? 27. How is a new block propagated in the network? What kind of verification does each node do? What is the list of criteria for the new block? What kind of process ensures that the miners do not cheat? 28. How does a process of block assembly work? What are the sets of blocks each full node have? Could you please describe these sets of blocks? 29. What is a secondary chain? What does each node do to check this chain and perhaps to promote it to the primary chain? Could you please describe an example when a fork occurs and what happens? 30. How quickly forks are resolved most of the time? Within how many new block periods? 31. Why the next block is generated within 10 minutes from the previous? What is this compromise about? What do designers of the Bitcoin network thought about when implementing this rule? 32. What is a hashing race? How did Bitcoin hashing capacity has changed within years from inception? What kind of hardware devices were initially used and how did the HW utilization evolved? What kind of hardware is used now to do mining? How has the network difficulty improved? 33. What is the size of the field that stores nonce in the block header? What is the limitation and problem of the nonce? Why was an extra nonce created? Was there any intermediate solution? If yes, what was the solution? What are the limitations of the solution? 34. What is the exact solution for the extra nonce? Where does the new space come from? How much space is currently used and what is the range of the extra nonce now? 35. What is a mining pool? Why was it created? How are normally such pools operated? Do they pay regularly to the pool participants? Where are newly created Bitcoins distributed? To which address? How do mining pools make money? How do the mining pools calculate the participation? How are shares earned calculated? 36. What is a managed pool? How is the owner of the pool called? Do pool members need to run full nodes? Explain why or why not? 37. What are the most famous protocols used to coordinate pool activities? What is a block template? How is it used? 38. What is the limitation of a centralized pool? Is there any alternative? If yes, what is it? How is it called? How does it work? 39. What is a consensus attack? What is the main assumption of the Bitcoin network? What can be the targets of the consensus attacks? What can these attacks do and what they cannot do? How much overall capacity of the network do you have to control to exercise a consensus attack? Chapter 9: Alternative Chains, Currencies and Applications. 1. What is the name of alternative coins? Are they built on top of the Bitcoin network? What are examples of them? Is there any alternative approach? Could you please describe some alternatives? 2. Are there any alternatives to the PoW algorithm? If yes – what are the alternatives? Could you please name two or three? 3. What is the operation of the Script language that is used to store a metadata in Bitcoin blockchain? 4. What is a coloured coin? Could you please explain how it is created and how it works? Do you need any special SW to manage coloured coins? 5. What is the difference between alt coins and alt chains? What is a Litecoin? What are the major differences between the Bitcoin and Litecoin? Why so many alt coins have been created? What are they usually based on? 6. What is Scrypt? Where is it used and how is it different from the original algorithm from which it has been created? 7. What is a demurrage currency? Could you please give an example of one blockchain and crypto currency that is demurrage? 8. What is a good example of an alternative algorithm to PoW? What is it called and how is it different from the PoW? Why the alternatives to Bitcoin PoW have been created? What is the main reason for this? What is dual-purpose PoW algorithms? Why have they been created? 9. Is Bitcoin “anonymous” currency? Is it difficult to trace transactions and understand someone’s spending habits? 10. What is Ethereum? What kind of currency does it use? What is the difference from Bitcoin? Chapter 10: Bitcoin security. 1. What is the main approach of Bitcoin security? 2. What are two common mistakes made by newcomers to the world of Bitcoin? 3. What is a root of trust in traditional security settings? What is a root of trust in Bitcoin network? How should you assess security of your system? 4. What is a cold storage and paper wallet? 5. What is a hardware wallet? How is it better than storing private keys on your computer or your smart phone?
submitted by 5tu to BitcoinTechnology [link] [comments]

Non-Contentious Alternative to A Fork: Symbiosis Instead Of Quarrel: One-Way-Peg Sidechain: Good For "Small-Blockers" As Well As "Pragmatics"! The Best From Both Philosophies: Conservatism For Bitcoin-Core, Unleashing Full On-Chain Utility Of Bitcoin Unlimited. All Groups Mutually Benefit.

Sorry for the long post - but I think it should really be read and understood by everybody concerned with the idea of launching a "Higher-Capacity Bitcoin", by everybody concerned with Bitcoin security and decentralization, and by everybody concerned with Bitcoin price!
Description Of The Concept:
Consequences Of This Solution - Characteristics:
  1. Every user who owns BTC-c can directly "convert" it 1:1 to BTC-u by a simple transfer to unspendable address "1transferAddressToBitcoinUsab1eGh5W".
  2. Optionally, the user could of course "convert it" via a classical exchange market, if the exchange market allows trade in BTC-c and BTC-u.
  3. Every User who owns BTC-u can only convert it (back) to BTC-c via a normal crypto-currency exchange market (because we have a ONE way peg without any modifications of the Bitcoin-core protocol, we cannot do it on protocol level!). While this is not a big difference microscopically from individual user perspective (if exchanges are well-integrated in apps and exchange fees are low), it does make a difference macro-economically, because BTCs can only drain in one direction, long-term, and never back.
Some Thoughts On Market Dynamics To Be Expected:
(I assume that the following "phases" will span over MANY years)
Thoughts On Exchange Rate Evolutions To Be Expected:
  • Phase 1:
    • A BTC-u unit is expected to be valued less than BTC-c, because you cannot really do anything meaningful with BTC-u yet, and after all, each owner of BTC-c can exchange it for a unit of BTC-u 1:1, so there is no reason why the free markets should give BTC-u a higher valuation than a BTC-c! If this were the case traders would immediately exchange BTC-c for BTC-u on protocol level and take the arbitrage gains. So market forces alone will keep the price of BTC-u below the price of BTC-c, except for very short periods of time (which will probably not occur at all in this "phase 1").
    • Only some tech geeks and early adopters will hence exchange some BTC-c for BTC-u, more for idealistic reasons or for "trying things out" than for trading and financial reasons.
  • Phase 2:
    • BTC-u's advantage in terms of practical utility vs. BTC-c becomes more and more apparent, such that BTC-u price gets closer and closer to BTC-c price on the markets.
    • As BTC-c hodlers keep on standing by their BTC-c, the number of BTC-u in circulation remains low! Users who want to make use of BTC-u's new utility (high TX capacity) have to aquire BTC-u either via protocol-level exchange (destroy BTC-c to get BTC-u), or via the exchanges - whatever is more convenient and attractive. Since BTC-u is still valued lower than BTC-c, they would make the better deal by going via the exchanges (as long as the [small] exchange market fee is less than the difference between BTC-c and BTC-u exchange rate, which can be expected to be the case for quite a while)! This would keep BTC-u supply low and hence it would keep BTC-u price high. And of course, since price(BTC-c) >= price(BTC-u) due to the one-way peg, BTC-c price benefits equally from this!
  • Phase 3:
    • If BTC-u fails for technical or other reasons, its price collapses and the whole experiment becomes history. The number of BTC-c spendable has been reduced due to this experiment, so each BTC-c unit becomes more rare and hence more valuable in price.
    • Otherwise, the demand for BTC-u from practical usage gets even higher, while the total number of BTC-u units in existence are pretty limited. This puts enormous upwards price pressure to BTC-u, and thereby also to BTC-c, to lift up BTC valuation, such that all BTC-u real-world usages can be fulfilled. BTC-c and BTC-u prices are very close, and at certain times of very high demand for BTC-u it even happens that BTC-u is valued higher than BTC-c on some exchanges. When this happens, arbitrage traders will kick in and buy the currently cheaper BTC-c, convert them to higher valued BTC-u by protocol means, and cell the more expensive BTC-u on the market. So such situations won't endure very long and will only serve market pressures in case of severe shortages of BTC-u coins.
DIFFerences and ADVantages Of This Strategy Vs. A "Normal Fork":
  • Both in common: No Dillution or Inflation:
    • In case of a normal fork, the total number of Bitcoins will double from 21 Million to 42 Million, because both forked chains will eventually have 21 Million, respectively. This inflation of Bitcoins is compensated by the fact that each pre-fork Bitcoin owner will also double his owned Bitcoin, so there should be no net penalty by principle.
    • In contrast, with "Bitcoin-Usable", the total(!) number of spendable Bitcoins will never be higher than 21 Million, counting BTC-c and BTC-u together.
    • Hence, even if it looks different in nominal coin units, the net effect is the same: No coins are inflated or diluted and every owner of bitcoins keeps his/her stake, nobody is at a disadvantage.
  • Symbiosis instead of Competition:
    • With "Bitcoin-Usable", bitcoin-core price will fully benefit from the success of the "Bitcoin-Unlimited" or "bigger blocksize" approach of "Bitcoin-Usable". This means that Bitcoin-core hodlers have full self-interest that "Bitcoin-Usable" becomes a success!
    • This is in stark contrast to the "fork" scenario, where the two forks will be competitors and may continue propagating their different philosophies on the different media channels. This not always friendly atmosphere and way of discussion may harm both sides! In the "Bitcoin-Usable" solution instead, both sides can still propagate their own views positively, without any need to talk negatively about the other side, because there is no competition but on the contrary mutual benefit!
    • Hence there would be no incentive from Bitcoin-Core supporters to DoS the "competing" bigger-block-chain - on the contrary they have an interest for that chain to succeed.
  • All fully validating "Bitcoin-Usable" nodes are also fully validating "Bitcoin-core" nodes (but not vice versa). Hence the number of bitcoin-core nodes can only increase compared to today in case "Bitcoin-Usable" becomes a big success, thereby also making the Bitcoin-core network more stable and powerful. So Bitcoin-Core benefits from "Bitcoin-Usable" not only w.r.t. price, but also w.r.t. security! (apart from that, price rise alone has a positive effect on security [via hash power] on its own already)
  • Since Bitcoin-Usable's block sizes and blockchain size are expected to become significantly greater than that of bitcoin-core on the long term, the additional burden that "Bitcoin-Usable" has by also having to observe the Bitcoin-Core blockchain is rather negligible, so in this respect there is no relevant difference between the two solutions.
  • As explained above, the mechanism of the one-way-peg in combination with the market mechanisms on price (low supply of BTC-u vs. high demand as a utility, and the constraint price(BTC-c) >= price(BTC-u)) creates a strong up-force of the Bitcoin price (for both bitcoins), originated by the additional applications of "Bitcoin-Usable". Again, BTC-c fully benefits from this.
  • No replay attack is possible even for identical TX formats in the protocol, because "Bitcoin-Usable" does not share Bitcoin-Core's blockchain history. Hence even better code re-use is possible - the only differences being block size limit and address format (first digit 2/4 vs. 1/3) and the lack of a block reward. And of course the observation of the "other" blockchain and the coin generation after coin destruction (one way peg implementation).
submitted by 1MichaS1 to btcfork [link] [comments]

BIP proposal: Inhibiting a covert attack on the Bitcoin POW function | Gregory Maxwell | Apr 05 2017

Gregory Maxwell on Apr 05 2017:
A month ago I was explaining the attack on Bitcoin's SHA2 hashcash which
is exploited by ASICBOOST and the various steps which could be used to
block it in the network if it became a problem.
While most discussion of ASICBOOST has focused on the overt method
of implementing it, there also exists a covert method for using it.
As I explained one of the approaches to inhibit covert ASICBOOST I
realized that my words were pretty much also describing the SegWit
commitment structure.
The authors of the SegWit proposal made a specific effort to not be
incompatible with any mining system and, in particular, changed the
design at one point to accommodate mining chips with forced payout
addresses.
Had there been awareness of exploitation of this attack an effort
would have been made to avoid incompatibility-- simply to separate
concerns. But the best methods of implementing the covert attack
are significantly incompatible with virtually any method of
extending Bitcoin's transaction capabilities; with the notable
exception of extension blocks (which have their own problems).
An incompatibility would go a long way to explain some of the
more inexplicable behavior from some parties in the mining
ecosystem so I began looking for supporting evidence.
Reverse engineering of a particular mining chip has demonstrated
conclusively that ASICBOOST has been implemented
in hardware.
On that basis, I offer the following BIP draft for discussion.
This proposal does not prevent the attack in general, but only
inhibits covert forms of it which are incompatible with
improvements to the Bitcoin protocol.
I hope that even those of us who would strongly prefer that
ASICBOOST be blocked completely can come together to support
a protective measure that separates concerns by inhibiting
the covert use of it that potentially blocks protocol improvements.
The specific activation height is something I currently don't have
a strong opinion, so I've left it unspecified for the moment.
BIP: TBD
Layer: Consensus
Title: Inhibiting a covert attack on the Bitcoin POW function
Author: Greg Maxwell
Status: Draft
Type: Standards Track
Created: 2016-04-05
License: PD
==Abstract==
This proposal inhibits the covert exploitation of a known
vulnerability in Bitcoin Proof of Work function.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
==Motivation==
Due to a design oversight the Bitcoin proof of work function has a potential
attack which can allow an attacking miner to save up-to 30% of their energy
costs (though closer to 20% is more likely due to implementation overheads).
Timo Hanke and Sergio Demian Lerner claim to hold a patent on this attack,
which they have so far not licensed for free and open use by the public.
They have been marketing their patent licenses under the trade-name
ASICBOOST. The document takes no position on the validity or enforceability
of the patent.
There are two major ways of exploiting the underlying vulnerability: One
obvious way which is highly detectable and is not in use on the network
today and a covert way which has significant interaction and potential
interference with the Bitcoin protocol. The covert mechanism is not
easily detected except through its interference with the protocol.
In particular, the protocol interactions of the covert method can block the
implementation of virtuous improvements such as segregated witness.
Exploitation of this vulnerability could result in payoff of as much as
$100 million USD per year at the time this was written (Assuming at
50% hash-power miner was gaining a 30% power advantage and that mining
was otherwise at profit equilibrium). This could have a phenomenal
centralizing effect by pushing mining out of profitability for all
other participants, and the income from secretly using this
optimization could be abused to significantly distort the Bitcoin
ecosystem in order to preserve the advantage.
Reverse engineering of a mining ASIC from a major manufacture has
revealed that it contains an undocumented, undisclosed ability
to make use of this attack. (The parties claiming to hold a
patent on this technique were completely unaware of this use.)
On the above basis the potential for covert exploitation of this
vulnerability and the resulting inequality in the mining process
and interference with useful improvements presents a clear and
present danger to the Bitcoin system which requires a response.
==Background==
The general idea of this attack is that SHA2-256 is a merkle damgard hash
function which consumes 64 bytes of data at a time.
The Bitcoin mining process repeatedly hashes an 80-byte 'block header' while
incriminating a 32-bit nonce which is at the end of this header data. This
means that the processing of the header involves two runs of the compression
function run-- one that consumes the first 64 bytes of the header and a
second which processes the remaining 16 bytes and padding.
The initial 'message expansion' operations in each step of the SHA2-256
function operate exclusively on that step's 64-bytes of input with no
influence from prior data that entered the hash.
Because of this if a miner is able to prepare a block header with
multiple distinct first 64-byte chunks but identical 16-byte
second chunks they can reuse the computation of the initial
expansion for multiple trials. This reduces power consumption.
There are two broad ways of making use of this attack. The obvious
way is to try candidates with different version numbers. Beyond
upsetting the soft-fork detection logic in Bitcoin nodes this has
little negative effect but it is highly conspicuous and easily
blocked.
The other method is based on the fact that the merkle root
committing to the transactions is contained in the first 64-bytes
except for the last 4 bytes of it. If the miner finds multiple
candidate root values which have the same final 32-bit then they
can use the attack.
To find multiple roots with the same trailing 32-bits the miner can
use efficient collision finding mechanism which will find a match
with as little as 216 candidate roots expected, 224 operations to
find a 4-way hit, though low memory approaches require more
computation.
An obvious way to generate different candidates is to grind the
coinbase extra-nonce but for non-empty blocks each attempt will
require 13 or so additional sha2 runs which is very inefficient.
This inefficiency can be avoided by computing a sqrt number of
candidates of the left side of the hash tree (e.g. using extra
nonce grinding) then an additional sqrt number of candidates of
the right side of the tree using transaction permutation or
substitution of a small number of transactions. All combinations
of the left and right side are then combined with only a single
hashing operation virtually eliminating all tree related
overhead.
With this final optimization finding a 4-way collision with a
moderate amount of memory requires ~224 hashing operations
instead of the >228 operations that would be require for
extra-nonce grinding which would substantially erode the
benefit of the attack.
It is this final optimization which this proposal blocks.
==New consensus rule==
Beginning block X and until block Y the coinbase transaction of
each block MUST either contain a BIP-141 segwit commitment or a
correct WTXID commitment with ID 0xaa21a9ef.
(See BIP-141 "Commitment structure" for details)
Existing segwit using miners are automatically compatible with
this proposal. Non-segwit miners can become compatible by simply
including an additional output matching a default commitment
value returned as part of getblocktemplate.
Miners SHOULD NOT automatically discontinue the commitment
at the expiration height.
==Discussion==
The commitment in the left side of the tree to all transactions
in the right side completely prevents the final sqrt speedup.
A stronger inhibition of the covert attack in the form of
requiring the least significant bits of the block timestamp
to be equal to a hash of the first 64-bytes of the header. This
would increase the collision space from 32 to 40 or more bits.
The root value could be required to meet a specific hash prefix
requirement in order to increase the computational work required
to try candidate roots. These change would be more disruptive and
there is no reason to believe that it is currently necessary.
The proposed rule automatically sunsets. If it is no longer needed
due to the introduction of stronger rules or the acceptance of the
version-grinding form then there would be no reason to continue
with this requirement. If it is still useful at the expiration
time the rule can simply be extended with a new softfork that
sets longer date ranges.
This sun-setting avoids the accumulation of technical debt due
to retaining enforcement of this rule when it is no longer needed
without requiring a hard fork to remove it.
== Overt attack ==
The non-covert form can be trivially blocked by requiring that
the header version match the coinbase transaction version.
This proposal does not include this block because this method
may become generally available without restriction in the future,
does not generally interfere with improvements in the protocol,
and because it is so easily detected that it could be blocked if
it becomes an issue in the future.
==Ba...[message truncated here by reddit bot]...
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-April/013996.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

Answers to common questions about Ethereum (FAQ)

I'll try my best to answer some of the most common questions that I've seen around regarding Ethereum, if you've got any questions that I haven't covered here, feel free to ask in comments.
To protect the network again spam, without transaction fees one could effectively DoS attack the network by sending 0 Ethers to himself infinite times. Transaction fees is effectively DDoS protection as it would cost massive amounts of money to spam the network.
No, not really; for transfering Ether between normal wallets it can (usually 21000). However, for interacting with Smart Contracts it's impossible to know due to the famous Halting Problem. You can never know in advance whether a contract code could loop indefinitely; if it does you can lose your entire balance of Ethers without an upper limit specified (and loop whatever machine is attempting to mine the transaction). Gas Limit is effectively a safe-guard against infinite loops, without an upper limit an infinite amount of Ethers would be consumed as a fee for an infinite duration of time if a contract loops.
ERC20 tokens are "assigned" to wallets by their respective Smart Contracts. You do not "hold" your tokens as you do your Ethers; instead Token Trackers keep a track of all ERC20 transactions and know which wallet owns how many. Therefore, to move your ERC20 between wallets, you need to request their respective Smart Contract to do it for you (because only that contract can actually move them around). Additionally, you can approve other wallets (usually smart contracts belonging to decentralized exchanges) to access a specific portion of your tokens on your behalf. ERC20 tokens can only be moved on behalf of their owner address or approved addresses (up to the authorized amount).
Transactions are mined in numerical order, Nonce of each transaction is its position among the rest. For example, the 6th outgoing transaction from your wallet will be Nonce = 6. Sending a transaction with a Nonce lower than what's already confirmed will result in an Invalid transaction while sending one with a Nonce higher than what's already confirmed will result in that tranasction being stuck until every other transaction before it (lower nonces) are already confirmed.
Mined transactions that are confirmed can never be reversed under any circumstance. If you have sent Ethers or Tokens to the wrong address, they are permanently lost and there is no way to recover them. However, as long as a transaction is still Pending, you may be able to replace or overwrite it by sending another transaction with the same Nonce and (a much) higher Gas Price.
An invalid transaction would eventually get discarded and will never be mined/confirmed. However, interactions with Smart Contracts could end abruptly (you run out of gas to perform the processing) or have unexpected results (infinite loop, etc.). In such cases, the result would be a Failed transaction which still has to be mined and confirmed. Therefore Failed transactions still consume gas/fees while invalid transactions just get discarded (eventually). An example of an Invalid transaction would be one where the signature doesn't match the request (has been tampered with).
Resend that exact same transaction with the same Nonce and a higher Gas Price. Be careful not to confuse Gas Price with Gas Limit, setting them in reverse woud likely result in you losing massive amounts of Ether.
Transactions have to be confirmed in the order they were sent. If you have a pending transaction with a lower Nonce and Gas Price, new tranasctions (regardless of their Gas Price) cannot get confirmed until the previous one is. If you have a stuck transaction, sending new ones with higher Gas Price would only make things worse.
Currently, there's no direct way of scheduling transactions via your wallet. Additionally, there is no way to 100% accurately predict how long it will take for a transaction to be confirmed. But usually, if you pay a high enough Gas Price, there's a very good chance it would be confirmed quickly.
Ethers can be mined directly to a wallet, or be transferred to it via a Smart Contract called by a different address. For instance, a wallet could call the smart contract with a function that would result in Ether(s) being transferred to a different address. With token transfers, all such transactions would usually be visible on the Token Tracker. However, with direct Ether transfers, you would need to find the transaction on the history of the wallet that sent it to the Smart Contract (which then sent Ethers to a different wallet as a result).
1 GWei = 0.000000001 Ethers, either memorize that or remember that 109 GWeis make up one Ether. G is unit prefix: Giga. For the time being, it's easier to type 5 than 0.000000005.
If it was a personal wallet, simply use the private key of your ETC wallet as an ETH wallet as they're functionally the same thing. If it was an exchange, you would have to contact their support and hope they would help you out. The same Ethereum wallet can hold both ETH and ETC at the same time (although each is tracked on separate networks).
Explain how you did that first because it should be impossible. Bitcoin and Ethereum have different address structures, a Bitcoin wallet is not a valid Ethereum address. Actually being able to pull this off would likely result in an Invalid transaction.
Most common reasons for Failed transactions during ICOs are: ICO has already ended (and no longer accepts new payments); Only payments from whitelisted addresses are accepted (but you're not whitelisted); Smart Contract is Paused (most tokens are locked and cannot be transferred while ICO is active); or your Gas Limit was too low (and you ran out of gas).
submitted by R3TR1X to CryptoCurrency [link] [comments]

Information and FAQ

Hi, for everyone looking for help and support for IOTA you have come to the right place. Please read this information, the FAQ and the side bar before asking for help.

Information

IOTA

IOTA is an open-source distributed ledger protocol launched in 2015 that goes 'beyond blockchain' through its core invention of the blockless ‘Tangle’. The IOTA Tangle is a quantum-resistant Directed Acyclic Graph (DAG), whose digital currency 'iota' has a fixed money supply with zero inflationary cost.
IOTA uniquely offers zero-fee transactions & no fixed limit on how many transactions can be confirmed per second. Scaling limitations have been removed, since throughput grows in conjunction with activity; the more activity, the more transactions can be processed & the faster the network. Further, unlike blockchain architecture, IOTA has no separation between users and validators (miners / stakers); rather, validation is an intrinsic property of using the ledger, thus avoiding centralization.
IOTA is focused on being useful for the emerging machine-to-machine (m2m) economy of the Internet-of-Things (IoT), data integrity, micro-/nano- payments, and other applications where a scalable decentralized system is warranted.
More information can be found here.

Non reusable addresses

Contrary to traditional blockchain based systems such as Bitcoin, where your wallet addresses can be reused, IOTA's addresses should only be used once (for outgoing transfers). That means there is no limit to the number of transactions an address can receive, but as soon as you've used funds from that address to make a transaction, this address should not be used anymore.
The reason for this is, by making an outgoing transaction a part of the private key of that specific address is revealed, and it opens the possibility that someone may brute force the full private key to gain access to all funds on that address. The more outgoing transactions you make from the same address, the easier it will be to brute force the private key.
It should be noted that having access to the private key of an address will not reveal your seed or the private key of the other addresses within your seed / "account".
This piggy bank diagram can help visualize non reusable addresses. imgur link

Address Index

When a new address is generated it is calculated from the combination of a seed + Address Index, where the Address Index can be any positive Integer (including "0"). The wallet usually starts from Address Index 0, but it will skip any Address Index where it sees that the corresponding address has already been attached to the tangle.

Private Keys

Private keys are derived from a seeds key index. From that private key you then generate an address. The key index starting at 0, can be incremented to get a new private key, and thus address.
It is important to keep in mind that all security-sensitive functions are implemented client side. What this means is that you can generate private keys and addresses securely in the browser, or on an offline computer. All libraries provide this functionality.
IOTA uses winternitz one-time signatures, as such you should ensure that you know which private key (and which address) has already been used in order to not reuse it. Subsequently reusing private keys can lead to the loss of funds (an attacker is able to forge the signature after continuous reuse).
Exchanges are advised to store seeds, not private keys.

Double spending

Sending a transaction will move your entire balance to a completely new address, if you have more than one pending transaction only one can eventually be confirmed and the resulting balance is sent to your next wallet address. This means that the other pending transactions are now sent from an address that has a balance of 0 IOTA, and thus none of these pending transactions can ever be confirmed.

Transaction Process

As previously mentioned, in IOTA there are no miners. As such the process of making a transaction is different from any Blockchain out there today. The process in IOTA looks as follows:
  • Signing: You sign the transaction inputs with your private keys. This can be done offline.
  • Tip Selection: MCMC is used to randomly select two tips, which will be referenced by your transaction (branchTransaction and trunkTransaction)
  • Proof of Work: In order to have your transaction accepted by the network, you need to do some Proof of Work - similar to Hashcash, not Bitcoin (spam and sybil-resistance). This usually takes a few minutes on a modern pc.
After this is completed, the trunkTransaction, branchTransaction and nonce of the transaction object should be updated. This means that you can broadcast the transaction to the network now and wait for it to be approved by someone else.

FAQ

How do I to buy IOTA?

Currently not all exchanges support IOTA and those that do may not support the option to buy with fiat currencies.
One way to buy IOTA is to buy with bitcoin (BTC) or Ether (ETH), first you will need to deposit BTC/ETH onto an exchange wallet and you can the exchange them for IOTA.
You can buy BTC or ETH through coinbase. And exchange those for IOTA on Binance or Bitfinex (other exchanges do exist, some linked in the side bar).
A detailed guide to buying can be found here.

What is MIOTA?

MIOTA is a unit of IOTA, 1 Mega IOTA or 1 Mi. It is equivalent to 1,000,000 IOTA and is the unit which is currently exchanged.
We can use the metric prefixes when describing IOTA e.g 2,500,000,000 i is equivalent to 2.5 Gi.
Note: some exchanges will display IOTA when they mean MIOTA.

Can I mine IOTA?

No you can not mine IOTA, all the supply of IOTA exist now and no more can be made.
If you want to send IOTA, your 'fee' is you have to verify 2 other transactions, thereby acting like a minenode.

Where should I store IOTA?

It is not recommended to store large amounts of IOTA on the exchange as you will not have access to the private keys of the addresses generated.
However many people have faced problems with the current GUI Wallet and therefore group consensus at the moment is to store your IOTA on the exchange, until the release of the UCL Wallet, or the Paper Wallet.

What is the GUI wallet?

What is the UCL Wallet?

What is a seed?

A seed is a unique identifier that can be described as a combined username and password that grants you access to your wallet.
Your seed is used to generate the addresses linked to your account and so this should be kept private and not shared with anyone. If anyone obtains your seed, they can login and access your IOTA.

How do I generate a seed?

You must generate a random 81 character seed using only A-Z and the number 9.
It is recommended to use offline methods to generate a seed, and not recommended to use any non community verified techniques. To generate a seed you could:

On a Linux Terminal use the following command:

 cat /dev/urandom |tr -dc A-Z9|head -c${1:-81} 

On a Mac Terminal use the following command:

 cat /dev/urandom |LC_ALL=C tr -dc 'A-Z9' | fold -w 81 | head -n 1 

With KeePass on PC

A helpful guide for generating a secure seed on KeePass can be found here.

With a dice

Dice roll template

Is my seed secure?

  1. All seeds should be 81 characters in random order composed of A-Z and 9.
  2. Do not give your seed to anyone, and don’t keep it saved in a plain text document.
  3. Don’t input your seed into any websites that you don’t trust.
Is this safe? Can’t anyone guess my seed?
What are the odds of someone guessing your seed?
  • IOTA seed = 81 characters long, and you can use A-Z, 9
  • Giving 2781 = 8.7x10115 possible combinations for IOTA seeds
  • Now let's say you have a "super computer" letting you generate and read every address associated with 1 trillion different seeds per second.
  • 8.7x10115 seeds / 1x1012 generated per second = 8.7x10103 seconds = 2.8x1096 years to process all IOTA seeds.

Why does balance appear to be 0 after a snapshot?

When a snapshot happens, all transactions are being deleted from the Tangle, leaving only the record of how many IOTA are owned by each address. However, the next time the wallet scans the Tangle to look for used addresses, the transactions will be gone because of the snapshot and the wallet will not know anymore that an address belongs to it. This is the reason for the need to regenerate addresses, so that the wallet can check the balance of each address. The more transactions were made before a snapshot, the further away the balance moves from address index 0 and the more addresses have to be (re-) generated after the snapshot.

Why is my transaction pending?

IOTA's current Tangle implementation (IOTA is in constant development, so this may change in the future) has a confirmation rate that is ~66% at first attempt.
So, if a transaction does not confirm within 1 hour, it is necessary to "reattach" (also known as "replay") the transaction one time. Doing so one time increases probability of confirmation from ~66% to ~89%.
Repeating the process a second time increases the probability from ~89% to ~99.9%.

What does attach to the tangle mean?

The process of making an transaction can be divided into two main steps:
  1. The local signing of a transaction, for which your seed is required.
  2. Taking the prepared transaction data, choosing two transactions from the tangle and doing the POW. This step is also called “attaching”.
The following analogy makes it easier to understand:
Step one is like writing a letter. You take a piece of paper, write some information on it, sign it at the bottom with your signature to authenticate that it was indeed you who wrote it, put it in an envelope and then write the recipient's address on it.
Step two: In order to attach our “letter” (transaction), we go to the tangle, pick randomly two of the newest “letters” and tie a connection between our “letter” and each of the “letters” we choose to reference.
The “Attach address” function in the wallet is actually doing nothing else than making an 0 value transaction to the address that is being attached.

How do I reattach a transaction.

Reattaching a transaction is different depending on where you send your transaction from. To reattach using the GUI Desktop wallet follow these steps:
  1. Click 'History'.
  2. Click 'Show Bundle' on the 'pending' transaction.
  3. Click 'Reattach'.
  4. Click 'Rebroadcast'. (optional, usually not required)
  5. Wait 1 Hour.
  6. If still 'pending', repeat steps 1-5 once more.

What happens to pending transactions after a snapshot?

How do I recover from a long term pending transaction?

How can I support IOTA?

You can support the IOTA network by setting up a Full Node, this will help secure the network by validating transactions broadcast by other nodes.
Running a full node also means you don't have to trust a 3rd party in showing you the correct balance and transaction history of your wallet.
By running a full node you get to take advantage of new features that might not be installed on 3rd party nodes.

How to set up a full node?

To set up a full node you will need to follow these steps:
  1. Download the full node software: either GUI, or headless CLI for lower system requirements and better performance.
  2. Get a static IP for your node.
  3. Join the network by adding 7-9 neighbours.
  4. Keep your full node up and running as much as possible.
A detailed user guide on how to set up a VTS IOTA Full Node from scratch can be found here.

How do I get a static IP?

To learn how to setup a hostname (~static IP) so you can use the newest IOTA versions that have no automated peer discovery please follow this guide.

How do I find a neighbour?

Are you a single IOTA full node looking for a partner? You can look for partners in these place:

Extras

Transaction Example:

Multiple Address in 1 Wallet Explained:

submitted by Boltzmanns_Constant to IOTASupport [link] [comments]

Introduction to Dalilcoin

Dalilcoin is a cryptocurrency and p2p network with support for publishing formalised mathematics. The code is based on a fork of Qeditas (qeditas.org). Like Qeditas, the initial distribution is an airdrop based on Bitcoin balances from May 2015 (Bitcoin block 350,000). The testnet for Dalilcoin started running on March 29, 2018, and the mainnet is expected to start in April or May 2018. The code is on github (github.com/aliibrahim80/dalilcoin).
Unlike most cryptocurrencies, Dalilcoin is not intended to support general payments. Instead the primary purpose is to allow people to publish documents creating definitions and proving propositions. Before a proposition has been proven, users can put a bounty on the proposition to encourage someone to prove it (or prove its negation). The publisher of a document can (and must) create ownership assets (deeds) to indicate ownership of the new objects defined and new propositions proven in the document. The owner can optionally allow later documents to import the object (without redefining it) or import the proposition (without reproving it). Such imports may require "rights" to be purchased from the corresponding owner's address. (Owners also have the option to allow objects and propositions to be freely imported without purchasing rights, or completely disallow such imports.) Deeds are also transferable.
Following Qeditas, the primary currency units are called fraenks. The smallest currency units are called cants. There are 100 billion cants in each fraenk. As in Bitcoin, there will never be more than 21 million Dalilcoin fraenks. The initial 14 million fraenks come from the airdrop corresponding to the Qeditas snapshot from 2015. The remaining 7 million fraenks will be distributed as rewards for creating blocks, using the same reward schedule as Bitcoin (where Dalilcoin's first block will correspond to Bitcoin's 350,000th block). The initial reward will be 25 fraenks for 70,000 blocks. It will then halve every 210,000 blocks.
More details about the currency and support for theorem proving can be found in the Qeditas white paper (qeditas.org/docs/qeditas.pdf).
The most significant change Dalilcoin made after forking from Qeditas is the consensus algorithm. Dalilcoin uses a combination of Proof of Burn and Proof of Stake, with the Proof of Burn relying on a second more established blockchain (Litecoin). In order to make limited use of valuable Litecoin block space, Dalilcoin will have very slow blocks. On average there should be 4 blocks per day, or one block every 6 hours. This will only require 4 corresponding Litecoin transactions per day. Due to the slow block time, there will only be approximately 100 fraenks produced as rewards per day and the first halving will take place after roughly 47 years.
Consensus Algorithm
Qeditas was designed to use Proof of Stake and Proof of Storage. There are a number of criticisms of Proof of Stake, and Dalilcoin addresses some of these by combining Proof of Stake with Proof of Burn. Everytime a Dalilcoin block is staked, the staker must create a transaction published to the Litecoin network. The Litecoin transaction must have a hash that begins with the two bytes 0x4461 (ASCII "Da") so that Dalilcoin nodes listening to the Litecoin network only need to examine the small percentage of Litecoin transactions whose txid begins with 4461. (To prevent transaction malleability, Dalilcoin stakers should only be spending from SegWit addresses.) The first output in this Litecoin transaction must be an OP_RETURN containing a push of at least 64 bytes. The first 32 bytes must be the hash of the previous Litecoin burn tx (or all 0s in the case of the first burn tx for the Dalilcoin Genesis Block) and the next 32 bytes must be the hash of the next Dalilcoin block (the one being created). In general the OP_RETURN will push more than 64 bytes with the extra bytes being used as a nonce to ensure the Litecoin tx has a hash beginning with 0x4461. The OP_RETURN output will also burn some litecoins (possibly burning 0 litecoins). The number of litoshis burned is multiplied by 1 million and added to the number of cants held by the staked asset. The resulting value is multiplied by Dalilcoin's coinage and used to determine if the staker has a "hit" and is allowed to stake a block. (To be more precise, Dalilcoin's staking code computes how many litoshis would need to be burned in order to stake with a given asset during a given second. If the amount to be burned is sufficiently low, a block is minted.)
The stake modifier for the next Dalilcoin block is determined by hashing the previous burn tx and the hash of the Litecoin block header in which the burn tx was published. This is essentially using Litecoin miners as random number generators to choose the next Dalilcoin stakers. (Of course, Litecoin miners are rewarded for this by the fees in the burn txs.)
Any node that has access to the Litecoin block chain will be able to use the information in the Litecoin burn transactions to know the current state of the Dalilcoin block tree. The primary question that remains is how one determines the current "best" block. The usual way is to compute some cumulative weight (e.g., cumulative Proof of Work) and choose the block with the highest such value. Here we can rely on Litecoin to make the most important choices, as it can act as a way to determine when one Dalilcoin block was minted before another.
Suppose a Dalilcoin Block B1 was minted with a Litecoin burn tx at (Litecoin) height H1. Next suppose a Dalilcoin Block B2 (successor to B1) was minted at height H2>H1. If someone mints an alternative Dalilcoin Block B2' (successor to B1) and publishes the burn tx at height H2' > H2, Dalilcoin will consider B2 to be the best block, with two exceptions.
First, the minter of B2' could reorganize the Litecoin block chain so that H2' < H2. To avoid this possibility, we rely on the security of the Litecoin block chain.
Second, no one might build a successor to B2 for a week (based on both the Litecoin block count and the median times in Litecoin blocks). If no one built a successor to B2 in one week, but a successor to B2' (possibly B2' itself) is less than a week old, then it becomes the best block. This second case has the consequence that if no one mints a Dalilcoin block for a week, the Dalilcoin block chain will no longer be live, and it would require a hard fork to reactivate.
In the rare case that two Dalilcoin blocks were minted close enough in time that both burn txs are included in the same Litecoin block, Dalilcoin will consider both equally good and wait for the next block to resolve the tie.
The coin age factor for staking assets is also novel, and is dependent on the properties of the currency asset being staked. Assets from the initial distribution (with birthday 0) start with a maximum age of 1089 (33 squared). Unlocked currency assets with a positive birthday have coinage factor n squared, where n increases every 16 blocks (roughly 4 days) until n is 33 (after roughly 4 months). Currency assets can also be locked until a certain block height L. For locked currency assets that are not block rewards, the asset has maximum age of 1089 until 8 blocks before the asset unlocks. After the asset has passed the lock height, it ages slowly, with age n squared with n increasing roughly once every 4 months until n is 33. Block rewards must always be locked for at least 512 blocks (about 4 months). In the case of block rewards, starting after 32 blocks (8 days) the asset becomes available for staking and ages in the same manner as an unlocked asset ages (increasing n every 3 days). When a reward is 8 blocks from being unlocked, it is not available for staking. After the lock height has passed, a reward begins gaining coinage using the slow formula, with n increasing every 4 months until n is 33.
The consensus algorithm for the Dalilcoin testnet is the same, except the Litecoin testnet is used instead of the mainnet.
Initial Distribution
As mentioned above the initial distribution of 14 million fraenks corresponds to Bitcoin balances as of Bitcoin block 350,000. In a system partly based on Proof of Stake, there is a danger in having the vast majority of the currency left as an untouched airdrop for an indefinite period of time. On the other hand, those who wish to participate in the network should have a sufficient amount of time to find out about the network and claim their part of the airdrop. The compromise position Dalilcoin has taken is to have the full 14 million fraenks available for Bitcoin holders from the time of the snapshot to claim for roughly 6 months (730 Dalilcoin blocks) after which the value of the unclaimed airdrop distribution will halve. Such a halving will continue every 730 blocks for roughly 27 years, at which time the unclaimed portion of the initial distribution will have no value. This means if you had 2 bitcoins at the time of the snapshot, you can claim 2 fraenks for the first 730 Dalilcoin blocks. If you do not claim these 2 fraenks, you will be able to only claim 1 fraenk for the next 730 Dalilcoin blocks, and so on.
One of the cryptographically responsible aspects of Qeditas was the use of Bitcoin signed endorsements to claim airdropped fraenks. Dalilcoin also supports endorsements. Anyone who has the private key for a Bitcoin address that had a nonzero balance can claim their part of the airdrop without importing their private key to the Dalilcoin software. Instead users can sign a message with their Bitcoin private key that "endorses" a different Dalilcoin address to be able to sign Dalilcoin transactions for the airdrop address. Conclusion
Dalilcoin is a very different kind of cryptocurrency project, targeting formalised mathematics instead of payments. The consensus algorithm makes use of an established secure blockchain (Litecoin's). The block time is far too slow to be useful for payments. Instead Dalilcoin blocks can be seen as something between a cryptocurrency ledger and an academic journal. Four blocks per day is very slow for a cryptocurrency, but very fast for journal issues.
The testnet is running now and the mainnet should be running soon. In a future article I will give more detailed instructions on how to run a node. In the meantime, feel free to clone the git repo or download the latest release, compile the code and try to connect to the testnet network. If you have trouble, ask questions here on the Dalilcoin subreddit (or, if you are desperate enough, read the README file in the repo).
submitted by aliibrahim80 to dalilcoin [link] [comments]

The missing explanation of Proof of Stake Version 3 - Article by earlz.net

The missing explanation of Proof of Stake Version 3

In every cryptocurrency there must be some consensus mechanism which keeps the entire distributed network in sync. When Bitcoin first came out, it introduced the Proof of Work (PoW) system. PoW is done by cryptographically hashing a piece of data (the block header) over and over. Because of how one-way hashing works. One tiny change in the data can cause an extremely different hash to come of it. Participants in the network determine if the PoW is valid complete by judging if the final hash meets a certain condition, called difficulty. The difficulty is an ever changing "target" which the hash must meet or exceed. Whenever the network is creating more blocks than scheduled, this target is changed automatically by the network so that the target becomes more and more difficult to meet. And thus, requires more and more computing power to find a hash that matches the target within the target time of 10 minutes.

Definitions

Some basic definitions might be unfamiliar to some people not familiar with the blockchain code, these are:

Proof of Work and Blockchain Consensus Systems

Proof of Work is a proven consensus mechanism that has made Bitcoin secure and trustworthy for 8 years now. However, it is not without it's fair share of problems. PoW's major drawbacks are:
  1. PoW wastes a lot of electricity, harming the environment.
  2. PoW benefits greatly from economies of scale, so it tends to benefit big players the most, rather than small participants in the network.
  3. PoW provides no incentive to use or keep the tokens.
  4. PoW has some centralization risks, because it tends to encourage miners to participate in the biggest mining pool (a group of miners who share the block reward), thus the biggest mining pool operator holds a lot of control over the network.
Proof of Stake was invented to solve many of these problems by allowing participants to create and mine new blocks (and thus also get a block reward), simply by holding onto coins in their wallet and allowing their wallet to do automatic "staking". Proof Of Stake was originally invented by Sunny King and implemented in Peercoin. It has since been improved and adapted by many other people. This includes "Proof of Stake Version 2" by Pavel Vasin, "Proof of Stake Velocity" by Larry Ren, and most recently CASPER by Vlad Zamfir, as well as countless other experiments and lesser known projects.
For Qtum we have decided to build upon "Proof of Stake Version 3", an improvement over version 2 that was also made by Pavel Vasin and implemented in the Blackcoin project. This version of PoS as implemented in Blackcoin is what we will be describing here. Some minor details of it has been modified in Qtum, but the core consensus model is identical.
For many community members and developers alike, proof of stake is a difficult topic, because there has been very little written on how it manages to accomplish keeping the network safe using only proof of ownership of tokens on the network. This blog post will go into fine detail about Proof of Stake Version 3 and how it's blocks are created, validated, and ultimately how a pure Proof of Stake blockchain is possible to secure. This will assume some technical knowledge, but I will try to explain things so that most of the knowledge can be gathered from context. You should at least be familiar with the concept of the UTXO-based blockchain.
Before we talk about PoS, it helps to understand how the much simpler PoW consensus mechanism works. It's mining process can be described in just a few lines of pseudo-code:
while(blockhash > difficulty) { block.nonce = block.nonce + 1 blockhash = sha256(sha256(block)) } 
A hash is a cryptographic algorithm which takes an arbritrary amount of input data, does a lot of processing of it, and outputs a fixed-size "digest" of that data. It is impossible to figure out the input data with just the digest. So, PoW tends to function like a lottery, where you find out if you won by creating the hash and checking it against the target, and you create another ticket by changing some piece of data in the block. In Bitcoin's case, nonce is used for this, as well as some other fields (usually called "extraNonce"). Once a blockhash is found which is less than the difficulty target, the block is valid, and can be broadcast to the rest of the distributed network. Miners will then see it and start building the next block on top of this block.

Proof of Stake's Protocol Structures and Rules

Now enter Proof of Stake. We have these goals for PoS:
  1. Impossible to counterfeit a block
  2. Big players do not get disproportionally bigger rewards
  3. More computing power is not useful for creating blocks
  4. No one member of the network can control the entire blockchain
The core concept of PoS is very similar to PoW, a lottery. However, the big difference is that it is not possible to "get more tickets" to the lottery by simply changing some data in the block. Instead of the "block hash" being the lottery ticket to judge against a target, PoS invents the notion of a "kernel hash".
The kernel hash is composed of several pieces of data that are not readily modifiable in the current block. And so, because the miners do not have an easy way to modify the kernel hash, they can not simply iterate through a large amount of hashes like in PoW.
Proof of Stake blocks add many additional consensus rules in order to realize it's goals. First, unlike in PoW, the coinbase transaction (the first transaction in the block) must be empty and reward 0 tokens. Instead, to reward stakers, there is a special "stake transaction" which must be the 2nd transaction in the block. A stake transaction is defined as any transaction that:
  1. Has at least 1 valid vin
  2. It's first vout must be an empty script
  3. It's second vout must not be empty
Furthermore, staking transactions must abide by these rules to be valid in a block:
  1. The second vout must be either a pubkey (not pubkeyhash!) script, or an OP_RETURN script that is unspendable (data-only) but stores data for a public key
  2. The timestamp in the transaction must be equal to the block timestamp
  3. the total output value of a stake transaction must be less than or equal to the total inputs plus the PoS block reward plus the block's total transaction fees. output <= (input + block_reward + tx_fees)
  4. The first spent vin's output must be confirmed by at least 500 blocks (in otherwords, the coins being spent must be at least 500 blocks old)
  5. Though more vins can used and spent in a staking transaction, the first vin is the only one used for consensus parameters.
These rules ensure that the stake transaction is easy to identify, and ensures that it gives enough info to the blockchain to validate the block. The empty vout method is not the only way staking transactions could have been identified, but this was the original design from Sunny King and has worked well enough.
Now that we understand what a staking transaction is, and what rules they must abide by, the next piece is to cover the rules for PoS blocks:
There are a lot of details here that we'll cover in a bit. The most important part that really makes PoS effective lies in the "kernel hash". The kernel hash is used similar to PoW (if hash meets difficulty, then block is valid). However, the kernel hash is not directly modifiable in the context of the current block. We will first cover exactly what goes into these structures and mechanisms, and later explain why this design is exactly this way, and what unexpected consequences can come from minor changes to it.

The Proof of Stake Kernel Hash

The kernel hash specifically consists of the following exact pieces of data (in order):
The stake modifier of a block is a hash of exactly:
The only way to change the current kernel hash (in order to mine a block), is thus to either change your "prevout", or to change the current block time.
A single wallet typically contains many UTXOs. The balance of the wallet is basically the total amount of all the UTXOs that can be spent by the wallet. This is of course the same in a PoS wallet. This is important though, because any output can be used for staking. One of these outputs are what can become the "prevout" in a staking transaction to form a valid PoS block.
Finally, there is one more aspect that is changed in the mining process of a PoS block. The difficulty is weighted against the number of coins in the staking transaction. The PoS difficulty ends up being twice as easy to achieve when staking 2 coins, compared to staking just 1 coin. If this were not the case, then it would encourage creating many tiny UTXOs for staking, which would bloat the size of the blockchain and ultimately cause the entire network to require more resources to maintain, as well as potentially compromise the blockchain's overall security.
So, if we were to show some pseudo-code for finding a valid kernel hash now, it would look like:
while(true){ foreach(utxo in wallet){ blockTime = currentTime - currentTime % 16 posDifficulty = difficulty * utxo.value hash = hash(previousStakeModifier << utxo.time << utxo.hash << utxo.n << blockTime) if(hash < posDifficulty){ done } } wait 16s -- wait 16 seconds, until the block time can be changed } 
This code isn't so easy to understand as our PoW example, so I'll attempt to explain it in plain english:
Do the following over and over for infinity: Calculate the blockTime to be the current time minus itself modulus 16 (modulus is like dividing by 16, but then only instead of taking the result, taking the remainder) Calculate the posDifficulty as the network difficulty, multiplied by the number of coins held by the UTXO. Cycle through each UTXO in the wallet. With each UTXO, calculate a SHA256 hash using the previous block's stake modifier, as well as some data from the the UTXO, and finally the blockTime. Compare this hash to the posDifficulty. If the hash is less than the posDifficulty, then the kernel hash is valid and you can create a new block. After going through all UTXOs, if no hash produced is less than the posDifficulty, then wait 16 seconds and do it all over again. 
Now that we have found a valid kernel hash using one of the UTXOs we can spend, we can create a staking transaction. This staking transaction will have 1 vin, which spends the UTXO we found that has a valid kernel hash. It will have (at least) 2 vouts. The first vout will be empty, identifying to the blockchain that it is a staking transaction. The second vout will either contain an OP_RETURN data transaction that contains a single public key, or it will contain a pay-to-pubkey script. The latter is usually used for simplicity, but using a data transaction for this allows for some advanced use cases (such as a separate block signing machine) without needlessly cluttering the UTXO set.
Finally, any transactions from the mempool are added to the block. The only thing left to do now is to create a signature, proving that we have approved the otherwise valid PoS block. The signature must use the public key that is encoded (either as pay-pubkey script, or as a data OP_RETURN script) in the second vout of the staking transaction. The actual data signed in the block hash. After the signature is applied, the block can be broadcast to the network. Nodes in the network will then validate the block and if it finds it valid and there is no better blockchain then it will accept it into it's own blockchain and broadcast the block to all the nodes it has connection to.
Now we have a fully functional and secure PoSv3 blockchain. PoSv3 is what we determined to be most resistant to attack while maintaining a pure decentralized consensus system (ie, without master nodes or currators). To understand why we approached this conclusion however, we must understand it's history.

PoSv3's History

Proof of Stake has a fairly long history. I won't cover every detail, but cover broadly what was changed between each version to arrive at PoSv3 for historical purposes:
PoSv1 - This version is implemented in Peercoin. It relied heavily on the notion of "coin age", or how long a UTXO has not been spent on the blockchain. It's implementation would basically make it so that the higher the coin age, the more the difficulty is reduced. This had the bad side-effect however of encouraging people to only open their wallet every month or longer for staking. Assuming the coins were all relatively old, they would almost instantaneously produce new staking blocks. This however makes double-spend attacks extremely easy to execute. Peercoin itself is not affected by this because it is a hybrid PoW and PoS blockchain, so the PoW blocks mitigated this effect.
PoSv2 - This version removes coin age completely from consensus, as well as using a completely different stake modifier mechanism from v1. The number of changes are too numerous to list here. All of this was done to remove coin age from consensus and make it a safe consensus mechanism without requiring a PoW/PoS hybrid blockchain to mitigate various attacks.
PoSv3 - PoSv3 is really more of an incremental improvement over PoSv2. In PoSv2 the stake modifier also included the previous block time. This was removed to prevent a "short-range" attack where it was possible to iteratively mine an alternative blockchain by iterating through previous block times. PoSv2 used block and transaction times to determine the age of a UTXO; this is not the same as coin age, but rather is the "minimum confirmations required" before a UTXO can be used for staking. This was changed to a much simpler mechanism where the age of a UTXO is determined by it's depth in the blockchain. This thus doesn't incentivize inaccurate timestamps to be used on the blockchain, and is also more immune to "timewarp" attacks. PoSv3 also added support for OP_RETURN coinstake transactions which allows for a vout to contain the public key for signing the block without requiring a full pay-to-pubkey script.

References:

  1. https://peercoin.net/assets/papepeercoin-paper.pdf
  2. https://blackcoin.co/blackcoin-pos-protocol-v2-whitepaper.pdf
  3. https://www.reddcoin.com/papers/PoSV.pdf
  4. https://blog.ethereum.org/2015/08/01/introducing-casper-friendly-ghost/
  5. https://github.com/JohnDolittle/blackcoin-old/blob/mastesrc/kernel.h#L11
  6. https://github.com/JohnDolittle/blackcoin-old/blob/mastesrc/main.cpp#L2032
  7. https://github.com/JohnDolittle/blackcoin-old/blob/mastesrc/main.h#L279
  8. http://earlz.net/view/2017/07/27/1820/what-is-a-utxo-and-how-does-it
  9. https://en.bitcoin.it/wiki/Script#Obsolete_pay-to-pubkey_transaction
  10. https://en.bitcoin.it/wiki/Script#Standard_Transaction_to_Bitcoin_address_.28pay-to-pubkey-hash.29
  11. https://en.bitcoin.it/wiki/Script#Provably_Unspendable.2FPrunable_Outputs
Article by earlz.net
http://earlz.net/view/2017/07/27/1904/the-missing-explanation-of-proof-of-stake-version
submitted by B3TeC to Moin [link] [comments]

BITCOIN GENERATOR FREE BITCOIN MINER 2020 100% LEGIT BITCOIN MONEY ADD BITCOIN GENERATOR MINER. FREE BITCOIN. LEGIT BITCOIN SITE. 100% BTC. FREE BITCOIN GEN. Bitcoin Q&A: Nonces, mining, and quantum computing Noob's Guide To Bitcoin Mining - Super Easy & Simple What Bitcoin Miners Actually Do

Nonce is a 32 bit arbitrary random number that is typically used once. In Bitcoin's mining process, the goal is to find a hash below a target number which is calculated based on the difficulty. Proof of work in Bitcoin's mining takes an input consists of Merkle Root, timestamp, previous block hash and few other things plus a nonce which is completely random number. This requires extra computation in order to propagate the change upwards until a new root of the merkle tree is calculated. The Miner Reward. A miner who successfully publishes a block the fastest is rewarded brand new Bitcoin, created out of thin air. That reward currently stands at 12.5 BTC. Just how do these Bitcoins come into existence? A solo miner increments Nonce until it overflows. Then it increments extraNonce and resets Nonce. extraNonce is located in the coinbase transaction, so changing it alters the Merkle root. extraNonce is reset based on the time. Bitcoin is a distributed, worldwide, decentralized digital money. Bitcoins are issued and managed without any Bitcoin is a distributed, worldwide, decentralized digital money. Bitcoins are issued and managed without any central authority whatsoever: there is no government, company, or bank in charge of Bitcoin. You might be interested in Bitcoin if you like cryptography, distributed peer-to-peer systems, or economics. There's also this extra nonce parameter in there. So after you've exhausted all possible nonces in the block header for the extra nonce in the coinbase transaction of all zeroes. You'll step the extra nonce in the coinbase transaction up to one, and then you'll start searching nonces in the block header once again.

[index] [19638] [1808] [20553] [5867] [23696] [28620] [26179] [24109] [30295] [25682]

BITCOIN GENERATOR FREE BITCOIN MINER 2020 100% LEGIT BITCOIN MONEY ADD

How to mine bitcoin: how bitcoin mining works mining works the nonce, How Mining Works The Nonce, merkle tree, merkle, one way function, explainer, chainthat, how do hashes work, hashes ... He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters. How Much Can You Make Mining Bitcoin With 6X 1080 Ti Beginners Guide - Duration: 19:20. How Much? 1,776,778 views. 19:20. Inside The Cryptocurrency Revolution VICE on HBO - Duration: 13:54. BITCOIN GENERATOR MINER. FREE BITCOIN. LEGIT BITCOIN SITE. 100% BTC. FREE BITCOIN GEN. Go Site: https://bit.ly/2ACBZvp Crypto Bitcoin Generator. Free to use. Get your first free cryptocurrency on ... bitcoin miner, bitcoin gpu, cuda bitcoin miner, python opencl bitcoin miner, bitcoin miner software, bitcoin miner virus, bitcoin miner download, bitcoin miner windows, online bitcoin miner,

Flag Counter